PT-2025-50119 · Fortinet · FortiWeb
Published: 2025-12-09 · Updated: 2026-03-15 · CVE-2025-59719
CVSS v3.1: 10
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Fortinet FortiWeb versions 7.4.0 through 7.4.9
Fortinet FortiWeb versions 7.6.0 through 7.6.4
Fortinet FortiWeb version 8.0.0
Description
An improper verification of cryptographic signature vulnerability exists in the SAML Response Message Handler of FortiWeb. Because the signature on an incoming SAML response is not correctly verified, an unauthenticated attacker can bypass FortiCloud SSO login authentication by sending a crafted SAML response message.
Recommendations
Fortinet FortiWeb versions 7.4.0 through 7.4.9 should be updated.
Fortinet FortiWeb versions 7.6.0 through 7.6.4 should be updated.
Fortinet FortiWeb version 8.0.0 should be updated.
Fix
Weakness Enumeration
Improper Verification of Cryptographic Signature
Related Identifiers
Affected Products
FortiWeb