Ref# ADV2025_420 | Date: Dec 10th 2025

---

Fortinet published a security advisory highlighting vulnerabilities in the following product on December 9th, 2025. It is recommended that you take the necessary precautions by ensuring your product is always updated. 

• FortiCloud SSO Login Authentication Bypass affecting the following products: FortiOS, FortiWeb, FortiProxy and FortiSwitchManager.
  (CVE-2025-59718, CVE-2025-59719) 

For more information on this update, you can follow these URLs: 

• Critical vulnerability: FortiCloud SSO Authentication Bypass 

• Fortinet PSIRT Advisories 

 

The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary. 

References 

• Fortinet Security Advisory (December 9th, 2025). Retrieved from Fortinet. https://fortiguard.fortinet.com/psirt/FG-IR-25-647 

  

• Fortinet Security Advisory. (December 9th, 2025). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/fortinet-security-advisory-av25-821