Fortinet patched 18 flaws, including two authentication-bypass bugs affecting FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager with FortiCloud SSO enabled.

Fortinet addressed 18 vulnerabilities, including two authentication-bypass flaws, tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS score of 9.1), affecting FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager when FortiCloud SSO is enabled.

Both vulnerabilities are improper verification of cryptographic signature issues (CWE-347). The flaw lets an unauthenticated, remote attacker bypass the FortiCloud SSO administrative login with a crafted SAML message, but only on devices where the feature is enabled. FortiCloud SSO is disabled in factory settings; however, it is switched on automatically when the device is registered to FortiCare from the GUI unless the administrator clears the "Allow administrative login using FortiCloud SSO" toggle on the registration page.

"Please note that the FortiCloud SSO login feature is not enabled in default factory settings. However, when an administrator registers the device to FortiCare from the device's GUI, unless the administrator disables the toggle switch "Allow administrative login using FortiCloud SSO" in the registration page, FortiCloud SSO login is enabled upon registration," reads the advisory.

As a temporary mitigation, the vendor recommends disabling the FortiCloud SSO login feature (if enabled) until the device is upgraded to a fixed version. Administrators should check whether the toggle was left enabled at registration time rather than assuming the default applies.

Below are the impacted versions:

Version                   Affected                   Solution
FortiOS 7.6               7.6.0 through 7.6.3        Upgrade to 7.6.4 or above
FortiOS 7.4               7.4.0 through 7.4.8        Upgrade to 7.4.9 or above
FortiOS 7.2               7.2.0 through 7.2.11       Upgrade to 7.2.12 or above
FortiOS 7.0               7.0.0 through 7.0.17       Upgrade to 7.0.18 or above
FortiOS 6.4               Not affected               Not applicable
FortiProxy 7.6            7.6.0 through 7.6.3        Upgrade to 7.6.4 or above
FortiProxy 7.4            7.4.0 through 7.4.10       Upgrade to 7.4.11 or above
FortiProxy 7.2            7.2.0 through 7.2.14       Upgrade to 7.2.15 or above
FortiProxy 7.0            7.0.0 through 7.0.21       Upgrade to 7.0.22 or above
FortiSwitchManager 7.2    7.2.0 through 7.2.6        Upgrade to 7.2.7 or above
FortiSwitchManager 7.0    7.0.0 through 7.0.5        Upgrade to 7.0.6 or above
FortiWeb 8.0              8.0.0                      Upgrade to 8.0.1 or above
FortiWeb 7.6              7.6.0 through 7.6.4        Upgrade to 7.6.5 or above
FortiWeb 7.4              7.4.0 through 7.4.9        Upgrade to 7.4.10 or above
FortiWeb 7.2              Not affected               Not applicable
FortiWeb 7.0              Not affected               Not applicable

The vulnerabilities were internally discovered and reported by Yonghui Han and Theo Leleu of the Fortinet Product Security team.

At this time, it is unclear whether any of these vulnerabilities have been exploited in attacks in the wild.

Pierluigi Paganini (SecurityAffairs – hacking, FortiOS)
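The weakness class named in the advisory, improper verification of a cryptographic signature on a SAML message, is easiest to see in code. The example below is added for this page; it is not Fortinet code and does not reproduce the FortiCloud SSO flaw, whose internals the advisory does not disclose. It is a constructed service-provider (SP) check that substitutes an HMAC over the canonicalized assertion for XML-DSig's RSA signature, so it runs on the Python standard library alone. The weak variant only asks whether some assertion in the message carries a valid signature and then reads the identity from the first assertion in document order; the hardened variant requires exactly one assertion, verifies it, and reads the identity only from that verified element. The IdP key, IDs and subject names are all made up for the example.

```python
"""Constructed CWE-347 illustration for SAML SSO (not Fortinet code).

An HMAC over the canonicalized <saml:Assertion> stands in for the XML-DSig
RSA signature so that the example needs only the standard library.
"""
import copy
import hashlib
import hmac
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
for _prefix, _uri in NS.items():
    ET.register_namespace(_prefix, _uri)

ASSERTION = f"{{{NS['saml']}}}Assertion"
IDP_KEY = b"constructed-idp-secret-for-this-example"  # assumed shared with the IdP


def _signed_bytes(assertion):
    """Canonical bytes of the assertion with its own ds:Signature removed
    (approximates XML-DSig's enveloped-signature transform)."""
    clone = copy.deepcopy(assertion)
    for sig in clone.findall("ds:Signature", NS):
        clone.remove(sig)
    return ET.canonicalize(ET.tostring(clone, encoding="unicode")).encode()


def sign_assertion(assertion, key):
    """IdP side: attach a Signature whose Reference points at this assertion's ID."""
    mac = hmac.new(key, _signed_bytes(assertion), hashlib.sha256).hexdigest()
    sig = ET.SubElement(assertion, f"{{{NS['ds']}}}Signature")
    ET.SubElement(sig, f"{{{NS['ds']}}}Reference", URI="#" + assertion.get("ID"))
    ET.SubElement(sig, f"{{{NS['ds']}}}SignatureValue").text = mac


def signature_valid(assertion, key):
    """True only if this element carries a Signature referencing its own ID
    whose value matches the MAC over its canonical bytes."""
    sig = assertion.find("ds:Signature", NS)
    if sig is None:
        return False
    ref = sig.find("ds:Reference", NS)
    value = sig.findtext("ds:SignatureValue", namespaces=NS) or ""
    if ref is None or ref.get("URI") != "#" + assertion.get("ID", ""):
        return False
    expected = hmac.new(key, _signed_bytes(assertion), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected.encode(), value.encode())


def build_response(name_id, assertion_id, key):
    """Constructed legitimate IdP response carrying one signed assertion."""
    resp = ET.Element(f"{{{NS['samlp']}}}Response")
    a = ET.SubElement(resp, ASSERTION, ID=assertion_id)
    subj = ET.SubElement(a, f"{{{NS['saml']}}}Subject")
    ET.SubElement(subj, f"{{{NS['saml']}}}NameID").text = name_id
    sign_assertion(a, key)
    return ET.tostring(resp, encoding="unicode")


def wrap_forged_assertion(response_xml, attacker_name_id):
    """Attacker side (signature wrapping, no key needed): keep the genuinely
    signed assertion in the message but move it under Extensions, and put an
    unsigned forged assertion first."""
    root = ET.fromstring(response_xml)
    signed = root.find("saml:Assertion", NS)
    root.remove(signed)
    forged = ET.SubElement(root, ASSERTION, ID="_forged")
    subj = ET.SubElement(forged, f"{{{NS['saml']}}}Subject")
    ET.SubElement(subj, f"{{{NS['saml']}}}NameID").text = attacker_name_id
    ET.SubElement(root, f"{{{NS['samlp']}}}Extensions").append(signed)
    return ET.tostring(root, encoding="unicode")


def weak_login(response_xml, key):
    """Vulnerable SP pattern: 'some assertion verifies', then the subject is
    read from the first assertion in document order."""
    root = ET.fromstring(response_xml)
    if not any(signature_valid(a, key) for a in root.iter(ASSERTION)):
        return None
    first = root.find(".//saml:Assertion", NS)
    return first.findtext("saml:Subject/saml:NameID", namespaces=NS)


def hardened_login(response_xml, key):
    """Hardened SP pattern: exactly one Assertion in the whole message, a direct
    child of Response, verified, and the subject read only from that element."""
    root = ET.fromstring(response_xml)
    assertions = list(root.iter(ASSERTION))
    if len(assertions) != 1 or assertions[0] not in list(root):
        return None
    if not signature_valid(assertions[0], key):
        return None
    return assertions[0].findtext("saml:Subject/saml:NameID", namespaces=NS)


def demo(key=IDP_KEY):
    """Run both SP variants against a legitimate, a wrapped and a wrong-key message."""
    legit = build_response("alice@example.com", "_a1", key)
    wrapped = wrap_forged_assertion(legit, "admin")
    return {
        "weak_legit": weak_login(legit, key),
        "hardened_legit": hardened_login(legit, key),
        "weak_wrapped": weak_login(wrapped, key),
        "hardened_wrapped": hardened_login(wrapped, key),
        "weak_wrong_key": weak_login(build_response("x", "_a2", b"other-key"), key),
    }


if __name__ == "__main__":
    for name, subject in demo().items():
        print(f"{name}: {subject}")
```

Running `demo()` shows the point: both variants accept the legitimate message and reject one signed with the wrong key, but the wrapped message logs the weak SP in as "admin" even though the only valid signature covers Alice's assertion, while the hardened SP rejects it because the message no longer contains exactly one assertion. The same discipline applies to real XML-DSig code: resolve the signed element by the Reference URI, verify it, and take every security decision from that element alone.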