CVE-2025-59718
Published Dec 9, 2025
Last updated a month ago
AI description
CVE-2025-59718 is a vulnerability affecting Fortinet's FortiOS, FortiProxy, and FortiSwitchManager. It stems from an improper verification of cryptographic signatures, which could allow an unauthenticated attacker to bypass FortiCloud Single Sign-On (SSO) login authentication. This bypass is possible through a crafted Security Assertion Markup Language (SAML) message, but only if the FortiCloud SSO login feature is enabled on the device. The FortiCloud SSO login feature is not enabled by default in factory settings. However, it becomes enabled when an administrator registers the device with FortiCare via the GUI, unless the administrator specifically disables the "Allow administrative login using FortiCloud SSO" option during registration.
- Description
- A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0.0 through 7.0.21, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.
- Source
- psirt@fortinet.com
- NVD status
- Analyzed
- Products
- fortiproxy, fortiswitchmanager, fortios
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability
- Exploit added on
- Dec 16, 2025
- Exploit action due
- Dec 23, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- psirt@fortinet.com
- CWE-347
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
21
Patching isn't enough. Check for the "Helpdesk" backdoor. If you run Fortinet, the CVE-2025-59718 exploit isn't just a vulnerability, it’s an active invasion sales@accessystem.com #CyberSecurity #Fortinet #CISO #ThreatIntel #NetworkSecurity #BlueTeam #ACCESSYSTEM #OORONE https
@ACCESSYSTEM_IT
25 Jan 2026
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet confirms active FortiCloud SSO bypass affecting fully patched FortiGate firewalls, exploiting CVE-2025-59718 and CVE-2025-59719. Vulnerability allows persistent accounts, VPN access, and config theft. #FortinetRisk #SSOVulnerability #USA https://t.co/tYboJhOZlB
@TweetThreatNews
25 Jan 2026
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 ALERTA FORTINET Firewalls FortiGate PARCHEADOS estan siendo hackeados - Parche de diciembre NO funciona - Atacantes crean backdoors en SEGUNDOS - Roban configs completas Solucion temporal: Desactivar FortiCloud SSO CVE-2025-59718 / CVE-2025-59719 #fortinet #cibersegurid
@secnetnew
24 Jan 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiOS 7.4.9 faces active CVE-2025-59718 exploits via forged FortiCloud SSO. Ingram Micro ransomware exposed 42,521 records. EU moves to ban high-risk non-EU telecom gear amid rising hacktivist attacks. #Fortinet #RansomwareAttack #Europe https://t.co/7xpkQxpcxx
@TweetThreatNews
24 Jan 2026
168 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet confirms FortiCloud SSO exploitation bypassing patches for CVE-2025-59718 and CVE-2025-59719. Attackers automate account creation, enable VPNs, and extract configs from FortiGate devices. #FortiCloudBreach #NetworkSecurity #USA https://t.co/XSELNE3X3q
@TweetThreatNews
24 Jan 2026
130 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Fortinet confirms critical FortiCloud SSO bypass (CVE-2025-59718) remains unpatched. Automated attacks create VPN admin accounts and steal configs within seconds. Admin access restriction advised. #Fortinet #AuthBypass #InfoSec https://t.co/eJsyK3qlzs
@TweetThreatNews
24 Jan 2026
117 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiGateのSSO認証バイパス脆弱性(CVE-2025-59718/59719)、パッチ適用済み環境でも新たな攻撃経路で悪用が確認されたとのこと。FortiCloud SSO利用中の場合は一時無効化が推奨されています。 https://t.co/JhRzmod5iv #サイ
@dejital_secure
24 Jan 2026
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiGate firewalls patched with 7.4.10 are still vulnerable to CVE-2025-59718 auth bypass, allowing attackers to create admin accounts. Fortinet to release new fixes; FortiCloud SSO also affected. #Fortinet #AuthenticationFlaw #USA https://t.co/ya2506vnK2
@TweetThreatNews
24 Jan 2026
137 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet confirms active exploitation of CVE-2025-59718 / 59719, allowing FortiGate FortiCloud SSO bypass — even on fully patched devices.
@KPGlobalCharts
23 Jan 2026
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Active exploits reported on FortiOS 7.4.9 targeting CVE-2025-59718, a Fortinet SSO bypass vulnerability. Attackers use FortiCloud SSO to create unauthorized admin accounts and export configs. #Fortinet #SSOVulnerability #USA https://t.co/3Q0O8RSGOl
@TweetThreatNews
23 Jan 2026
106 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet Confirms Active Exploitation of Critical FortiCloud SSO Auth Bypass Flaws (CVE-2025-59718/59719) Fortinet says attackers are actively exploiting critical FortiCloud SSO bypass bugs via crafted SAML requests on FortiOS/FortiWeb/FortiProxy/FortiSwitch Manager, creatin
@ThreatSynop
23 Jan 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet Confirms Active FortiCloud SSO Bypass Still Hits Fully Patched FortiGate Firewalls Fortinet confirmed attackers are exploiting a patch-bypass path for FortiCloud SSO auth flaws (CVE-2025-59718 / CVE-2025-59719) using crafted SAML messages, allowing persistence via n
@ThreatSynop
23 Jan 2026
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Onderzoekers melden actief misbruik in FortiCloud van kwetsbaarheden met kenmerken CVE-2025-59718 en CVE-2025-59719. Lees hier onze update van het high/high beveiligingsadvies: https://t.co/OwAkGwvQKz
@ncsc_nl
23 Jan 2026
1218 Impressions
2 Retweets
4 Likes
0 Bookmarks
0 Replies
1 Quote
🚨 Fortinet Confirms Active Exploitation of FortiCloud SSO Auth Bypass Targeting Even Patched FortiGates Fortinet confirmed an automated campaign abusing FortiCloud SSO authentication-bypass flaws (CVE-2025-59718 / CVE-2025-59719) to create rogue admin accounts, exfiltrate
@ThreatSynop
23 Jan 2026
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet confirms active exploitation of CVE-2025-59718 / 59719, allowing FortiGate FortiCloud SSO bypass — even on fully patched devices. Attackers abuse crafted SAML logins to gain admin access, add persistent accounts, enable VPN, and steal configs. Disabling FortiClou
@TheHackersNews
23 Jan 2026
14312 Impressions
62 Retweets
141 Likes
29 Bookmarks
1 Reply
3 Quotes
🚨 Fortinet Confirms FortiCloud Auth Bypass Still Exploitable Despite Previous Patch Fortinet confirmed attackers are still exploiting a critical FortiCloud SSO authentication bypass (CVE-2025-59718) via a patch-bypass technique, allowing them to create rogue admin/VPN accounts
@ThreatSynop
23 Jan 2026
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet: Vulnerability, Lawsuit, Analyst Cuts Now: Fortinet (FTNT) saw a week of concrete headwinds: an actively exploited FortiCloud/SSO vulnerability (CVE-2025-59718), a class-action lawsuit tied to firewall refresh disclosures, … #stockmarket #ftnt https://t.co/DuzAfjiU9h
@equityswarmX
23 Jan 2026
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-59718, -19: Improper Verification of Cryptographic Signature in Fortinet devices, 9.8 rating 🔥 Fortinet have discovered exploitation of old vulns that bypassed patches. Review the mitigation recoms. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/T2imWFII
@Netlas_io
23 Jan 2026
633 Impressions
6 Retweets
10 Likes
5 Bookmarks
0 Replies
0 Quotes
📢 𝐍𝐞𝐰 𝐂𝐕𝐄 𝐚𝐧𝐚𝐥𝐲𝐬𝐢𝐬 𝐣𝐮𝐬𝐭 𝐝𝐫𝐨𝐩𝐩𝐞𝐝! Threat actors exploit FortiCloud SSO to reconfigure FortiGate firewalls. Get the full breakdown of CVE-2025-59718 and how to defend against these rapid attacks. 📖 Ch
@PurpleOps_io
23 Jan 2026
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinetは、FortiGateを狙った攻撃で新たな攻撃経路が使われていると明らかにした。2025年12月に公表されたCVE-2025-59718およびCVE-2025-59719はFortiCloudのSSO機能を悪用した認証回避だったが、今回は修正後の最新版でも
@yousukezan
23 Jan 2026
1163 Impressions
5 Retweets
14 Likes
2 Bookmarks
0 Replies
0 Quotes
Starting January 15, 2026, attackers exploited CVE-2025-59718 and CVE-2025-59719 to bypass FortiCloud SSO on FortiGate devices, altering firewall configs, creating admin accounts, and exporting sensitive data. #FortiGateAttacks #SSOBypass #USA https://t.co/dZsIDyQaGO
@TweetThreatNews
23 Jan 2026
145 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
A new cluster of automated malicious activity involving unauthorized firewall configuration changes on FortiGate devices. CVE-2025-59718 & CVE-2025-59719 #IOC https://t.co/X1i6yIgOxh
@blackorbird
23 Jan 2026
2529 Impressions
10 Retweets
30 Likes
6 Bookmarks
2 Replies
0 Quotes
csirt_it: ‼️ #Exploited #Fortinet: rilevato possibile bypass di aggiornamenti rilasciati a Dicembre per le CVE-2025-59718 e CVE-2025-59719 🔗 https://t.co/cOKFFdSy7P https://t.co/abBVDuijyQ
@Vulcanux_
22 Jan 2026
164 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
‼️ #Exploited #Fortinet: rilevato possibile bypass di aggiornamenti rilasciati a Dicembre per le CVE-2025-59718 e CVE-2025-59719 🔗 https://t.co/EMOH8biqER https://t.co/7RoZa7D4qH
@csirt_it
22 Jan 2026
231 Impressions
0 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 𝐅𝐫𝐞𝐬𝐡 𝐂𝐕𝐄 𝐚𝐥𝐞𝐫𝐭 𝐣𝐮𝐬𝐭 𝐢𝐧! Fortinet patches failed to stop CVE-2025-59718. Discover how attackers bypassed fixes and what actions your security team must take now. 🔗 Read the full breakdown → https://t.co/9zLghuZr8
@PurpleOps_io
22 Jan 2026
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ @Fortinet customers report patched FortiGate firewalls still being compromised, linked to an authentication bypass vulnerability. Admins say activity resembles earlier CVE-2025-59718 exploitation, even after recent updates. How should teams respond when patches don’t
@TechNadu
22 Jan 2026
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Patched Fortinet firewalls are being compromised. The patch for CVE-2025-59718 was released. But attackers are still bypassing SSO authentication on updated devices. They’re stealing firewall configs & creating backdoor accounts. A failed patch cycle creates a false
@photogrim_
22 Jan 2026
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiGate يعاني من ثغرة CVE-2025-59718 حتى بعد التحديث؟ فريق، فيه تقارير تشير إلى أن بعض أجهزة FortiGate لازالت عرضة للخطر بسبب ثغرة CVE-2025-59718، حتى الأجهزة اللي تم تحديثها
@MisbarSec
22 Jan 2026
68 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-59718, a critical authentication bypass vulnerability in FortiGate firewalls, continues to be exploited despite claims of fixes in FortiOS versions 7.4.9 and above. https://t.co/xrBYYHVYSO
@securityRSS
22 Jan 2026
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet admins report patched FortiGate firewalls getting hacked 以前に修正された重要な認証脆弱性(CVE-2025-59718)のパッチバイパスを悪用。修正済みのFortiGateファイアウォールがハッキングされる事例が報告 修正を含む新
@johntheMAT
22 Jan 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
In early December, Fortinet released an advisory for two critical authentication bypass vulnerabilities (CVE-2025-59718 and CVE-2025-59719). Shortly after disclosure, Arctic Wolf began observing intrusions involving malicious SSO logins on FortiGate appliances. Malicious logins
@DCWebGuy
22 Jan 2026
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet SSO Flaw (CVE-2025-59718) Still Abused to Compromise “Patched” FortiGate Firewalls Reports show attackers continue exploiting a FortiCloud SSO authentication bypass tied to CVE-2025-59718 to create unauthorized local admin accounts on FortiGate devices, even aft
@ThreatSynop
22 Jan 2026
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Automated FortiGate Attacks Exploit FortiCloud SSO to Create Admins and Alter Firewall Settings Arctic Wolf reports a new automated attack cluster abusing FortiCloud SSO weaknesses (linked to CVE-2025-59718/59719 activity) to create persistent admin accounts, modify configs
@ThreatSynop
22 Jan 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet customers are reporting that attackers are exploiting a previously fixed vulnerability (CVE-2025-59718) to hack patched firewalls. https://t.co/rR9xe99g0m
@GuardingPearSof
22 Jan 2026
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
パッチ済みのFortiGateがCVE-2025-59718経由で侵害された:管理者らが報告 | Codebook|Security News https://t.co/sLXLqPoeCN
@ohhara_shiojiri
22 Jan 2026
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Automated attacks bypass Fortinet firewalls. What looked like routine ops was a critical SSO auth bypass (CVE-2025-59718). Attackers altered configs, exfiltrated data, and created persistent backdoors. The most worrying part? Even fully patched devices are reportedly being
@photogrim_
22 Jan 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ CVE-2025-59718 – Des firewalls FortiGate piratés malgré l’installation des derniers patchs Tous les détails par ici 👇 - https://t.co/qdmmtUDJzK #Fortinet #FortiGate #infosec #cybersecurite https://t.co/z95fE5xt6e
@ITConnect_fr
22 Jan 2026
2463 Impressions
8 Retweets
24 Likes
8 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet FortiGate under automated SSO abuse. Attackers exploit CVE-2025-59718/59719 to add admin users, enable VPN access, and export firewall configs within seconds, per Arctic Wolf. 🔗 Learn what’s happening and what to disable → https://t.co/thH7LT7P3W
@TheHackersNews
22 Jan 2026
6728 Impressions
25 Retweets
52 Likes
17 Bookmarks
0 Replies
1 Quote
מה יהיה.... משתמשים מדווחים כי תוקפים הצליחו לפרוץ דרך מכשיר FortiGate, תוך ניצול החולשה CVE-2025-59718, למרות שהמכשיר מעודכן לגרסה האחרונה. משתמש ברדיט טוען כי החברה
@CyberIL
22 Jan 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
‼️Fortinet admins report patched FortiGate firewalls getting hacked Patched FortiGate firewalls are still being compromised via a bypass of CVE-2025-59718, affecting even FortiOS 7.4.10. Attackers exploit malicious SAML messages to gain FortiCloud SSO access and create admin
@H4ckmanac
22 Jan 2026
10306 Impressions
28 Retweets
81 Likes
29 Bookmarks
4 Replies
1 Quote
【悲報】フォーティネットFortiCloud SSOの脆弱性CVE-2025-59718、パッチを適用しても脆弱性が残存していた模様。FortiOS 7.4.9で修整されたことになっていたが、最新版7.4.10でも脆弱。悪用報告あり。数日内に7.4.11等
@__kokumoto
22 Jan 2026
3140 Impressions
6 Retweets
10 Likes
2 Bookmarks
1 Reply
1 Quote
🚨 Fortinet SSO Vulnerability Actively Exploited to Hack Firewalls & Gain Admin Access Source: https://t.co/ge7ZbcH5BN A critical vulnerability in Fortinet's Single Sign-On (SSO) feature for FortiGate firewalls, tracked as CVE-2025-59718, is under active exploitation. ht
@The_Cyber_News
22 Jan 2026
16299 Impressions
60 Retweets
204 Likes
68 Bookmarks
2 Replies
1 Quote
⚠️パッチ済みのFortiGateがCVE-2025-59718経由で侵害された:管理者らが報告 〜サイバーアラート1月22日〜 https://t.co/iuEjxtF0a5
@MachinaRecord
22 Jan 2026
186 Impressions
1 Retweet
2 Likes
1 Bookmark
0 Replies
0 Quotes
完全にパッチが適用された FortiGate ファイアウォールが CVE-2025-59718 によって侵害される可能性がありますか? Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? #HelpNetSecurity (Jan 21) https://t.co/qPEA6knPB6
@foxbook
22 Jan 2026
82 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Patched FortiGate Devices Still Compromised via FortiCloud SSO Auth Bypass (CVE-2025-59718) Help Net Security reports admins are seeing attackers log in via FortiCloud SSO/SAML and create new local admin accounts on FortiGate devices even after upgrading to “fixed” Forti
@ThreatSynop
21 Jan 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fully #patched #FortiGate firewalls are getting compromised via #CVE-2025-59718? https://t.co/68X7jOpM1q
@ScyScan
21 Jan 2026
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#cyberNEWS Fortinet customers are seeing attackers exploiting a patch bypass for a previously fixed critical FortiGate authentication vulnerability (CVE-2025-59718) to hack patched firewalls. https://t.co/GkI4YbtsoY
@CyberSysblue
21 Jan 2026
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥🧱 patched fortigate firewalls hacked via auth bypass Fortinet admins report attackers exploiting a patch bypass for a previously fixed FortiGate authentication flaw (CVE-2025-59718). #fortinet #fortigate #zeroday #firewall #cybersecurity https://t.co/rjc9AdFmW1
@Strivehawk
21 Jan 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? https://t.co/oc119MP186 #HelpNetSecurity #Cybersecurity https://t.co/qDHCF9emzX
@PoseidonTPA
21 Jan 2026
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718?: CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly… https://t.co/wTqUOAvo3d h
@shah_sheikh
21 Jan 2026
72 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD1BE28E-8FDA-4DA9-9DA8-EF5266CD3C54",
"versionEndExcluding": "7.0.22",
"versionStartIncluding": "7.0.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B2E82CF-00E9-4D67-B472-E54A325F87FC",
"versionEndExcluding": "7.2.15",
"versionStartIncluding": "7.2.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F989EFB6-A5C9-414B-A85B-786D309B41AF",
"versionEndExcluding": "7.4.11",
"versionStartIncluding": "7.4.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11CA0204-FD63-4614-821E-E2C4E34F7979",
"versionEndExcluding": "7.6.4",
"versionStartIncluding": "7.6.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1B9AA70-BB46-403B-94C1-D94C64E22334",
"versionEndExcluding": "7.0.6",
"versionStartIncluding": "7.0.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE22A407-02CB-4979-A38D-9EBAFEB350F6",
"versionEndExcluding": "7.2.7",
"versionStartIncluding": "7.2.0"
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCEB8B8A-797C-4E5E-BCDB-A54EB83AD8A2",
"versionEndExcluding": "7.0.18",
"versionStartIncluding": "7.0.0"
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E8FAAA2E-7A53-4F6B-A9C7-1E2B4CB5F7EB",
"versionEndExcluding": "7.2.12",
"versionStartIncluding": "7.2.0"
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2093EFE3-4B7F-4806-9850-C42B26BC64AC",
"versionEndExcluding": "7.4.9",
"versionStartIncluding": "7.4.0"
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1C30E0D-7F09-42D2-9EB1-E2196BD50D75",
"versionEndExcluding": "7.6.4",
"versionStartIncluding": "7.6.0"
}
],
"operator": "OR"
}
]
}
]