All news with #fortios tag

Fortinet warns of critical FortiCloud SSO bypass flaws

⚠️ Fortinet released patches for two critical FortiCloud SSO authentication bypass vulnerabilities (CVE-2025-59718, CVE-2025-59719) impacting FortiOS, FortiProxy, FortiSwitchManager, and FortiWeb. Attackers can abuse improper cryptographic signature verification in crafted SAML messages to bypass FortiCloud SSO controls. Administrators should disable FortiCloud SSO until devices are patched — either via System -> Settings in the GUI or with the provided CLI command — and apply the vendor firmware updates promptly. Fortinet also fixed related credential and password-hash issues (CVE-2025-59808, CVE-2025-64471).

Fortinet Unified SASE: Integrated Networking and Security

🔒 Fortinet presents Fortinet Unified SASE as a natively integrated platform that combines cloud-delivered FortiSASE with Fortinet Secure SD‑WAN on a single operating system to avoid the fragmentation common in many SASE solutions. The article stresses a single-agent experience via FortiClient, one management plane powered by FortiOS, and consolidated threat intelligence from FortiGuard Labs. It highlights flexible deployment choices, global POPs, and sovereign SASE options to meet data residency and compliance requirements. Fortinet also emphasizes AI/ML-driven correlation and GenAI-assisted policy and investigation to improve detection and operational efficiency.