CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly fixed releases of the underlying FortiOS. According to Fortinet, CVE-2025-59718 had been fixed in FortiOS versions 7.6.4 or above, 7.4.9 or above, 7.2.12 or above, and 7.0.18 or above. But on Tuesday, a Fortinet administrator posted on Reddit asking whether other enterprise admins had observed attackers logging in and creating new accounts on … More
The post Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? appeared first on Help Net Security.
