11. Dezember 2025
Fortinet on Tuesday announced patches for 18 vulnerabilities across its products, including two flaws that could allow attackers to bypass authentication.
Tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS score of 9.8), the two bugs are described as improper verification of cryptographic signature issues. They impact FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager.
According to Fortinet, the weaknesses allow attackers to send crafted SAML response messages to vulnerable appliances and bypass the FortiCloud SSO login authentication.
The feature, Fortinet explains, is disabled in default factory settings, but is enabled when a new device is registered to FortiCare.
“When an administrator registers the device to FortiCare from the device’s GUI, unless the administrator disables the toggle switch ‘Allow administrative login using FortiCloud SSO’ in the registration page, FortiCloud SSO login is enabled upon registration,” the company notes in its advisory.
The defect was resolved in FortiOS versions 7.6.4, 7.4.9, 7.2.12, and 7.0.18, FortiProxy versions 7.6.4, 7.4.11, 7.2.15, and 7.0.22, FortiSwitchManager versions 7.2.7 and 7.0.6, and FortiWeb versions 8.0.1, 7.6.5, and 7.4.10.
Enterprise software maker SAP on Tuesday announced the release of 14 new security notes as part of its December 2025 security patch day, including three that address critical-severity vulnerabilities.
The first of the critical notes resolves CVE-2025-42880 (CVSS score of 9.9), which is described as a code injection in Solution Manager.
Affecting a remote-enabled module of the product, the security defect exists because user input is improperly validated, allowing authenticated attackers to inject arbitrary code, SAP security firm Onapsis explains.
The risk posed by the CVE, Pathlock security analyst Jonathan Stross says, is heightened by the central role Solution Manager has within enterprise environments, where it acts as a central operations and administration hub connected to other SAP systems.
“In many SAP environments, it helps admins to manage updates and push software throughout the organization’s SAP landscape; therefore, it has many high-privileged users and provides critical access to other systems. This is why a successful exploitation of this vulnerability could potentially give an attacker administrative-level access to the entire SAP enterprise landscape,” Stross said.
