CyberSec.Space Logo
返回 CVE 浏览器

CVE-2025-59719

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1960%
EPSS Percentile43.38th
Published2025年12月9日
Last Modified2026年6月9日

Vulnerability Description

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.

Affected Platforms (CPE)

📦
Fortinet

Fortiweb

>= 7.4.0 and <= 7.4.9
📦
Fortinet

Fortiweb

>= 7.6.0 and <= 7.6.4
📦
Fortinet

Fortiweb

= 8.0.0

References & Advisories

🔗 https://fortiguard.fortinet.com/psirt/FG-IR-25-647
🔗 https://cert-portal.siemens.com/productcert/html/ssa-864900.html

相关漏洞威胁

CVE-2020-290169.8

A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an unauthenticated,...

CVE-2026-248589.8

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 ...

CVE-2020-290159.8

A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated,...

CVE-2021-427569.8

Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, ...