CVE-2025-59718
Published Dec 9, 2025
Last updated a month ago
AI description
CVE-2025-59718 is a vulnerability affecting Fortinet's FortiOS, FortiProxy, and FortiSwitchManager. It stems from an improper verification of cryptographic signatures, which could allow an unauthenticated attacker to bypass FortiCloud Single Sign-On (SSO) login authentication. This bypass is possible through a crafted Security Assertion Markup Language (SAML) message, but only if the FortiCloud SSO login feature is enabled on the device. The FortiCloud SSO login feature is not enabled by default in factory settings. However, it becomes enabled when an administrator registers the device with FortiCare via the GUI, unless the administrator specifically disables the "Allow administrative login using FortiCloud SSO" option during registration.
- Description
- A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0.0 through 7.0.21, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.
- Source
- psirt@fortinet.com
- NVD status
- Analyzed
- Products
- fortiproxy, fortiswitchmanager, fortios
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability
- Exploit added on
- Dec 16, 2025
- Exploit action due
- Dec 23, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- psirt@fortinet.com
- CWE-347
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
10
【独自】フォーティネットがFortiOS等多数の製品における重大(Critical)な認証回避のゼロデイ脆弱性CVE-2026-24858を修正。FortiCloud SSO経由での認証回避の脆弱性CVE-2025-59718へのパッチを当てても被害が続いていた関
@__kokumoto
27 Jan 2026
3463 Impressions
9 Retweets
14 Likes
11 Bookmarks
2 Replies
1 Quote
⚠️ Vulnerabilidades en productos Fortinet ❗ CVE-2025-59719 ❗ CVE-2025-59718 ➡️ Más info: https://t.co/ZIVEEsEM7e https://t.co/zK6Nwjxc0y
@CERTpy
27 Jan 2026
152 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet、パッチ済みデバイスに対するFortiCloud SSO悪用攻撃について認める:CVE-2025-59718 | Codebook|Security News https://t.co/XDMeHOhbPY
@ohhara_shiojiri
27 Jan 2026
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
According to Arctic Wolf, unauthorized FortiCloud SSO logins resembling the FortiCloud SSO auth bypasses disclosed and patched in Dec 2025 (CVE-2025-59718/59719) are being observed again in Jan 2026 as an automated campaign. Post-compromise activity includes adding local admin ht
@nekono_naha
27 Jan 2026
1832 Impressions
4 Retweets
12 Likes
3 Bookmarks
0 Replies
0 Quotes
🚨 We are observing active exploitation of CVE-2025-59718 and CVE-2025-59719, targeting FortiCloud SSO to bypass authentication. Attackers are using these flaws to maintain valid sessions and persistence even after the underlying devices are fully patched. Patching closes the
@ReliaQuestTR
26 Jan 2026
121 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet FortiGate firewalls are under active attack via a FortiCloud SSO auth-bypass (CVE-2025-59718) — attackers are creating rogue admin accounts and exfiltrating firewall configs. 10,000+ devices remain exposed. Disable FortiCloud SSO, restrict admin access, and hunt for ne
@Anavem_
26 Jan 2026
121 Impressions
1 Retweet
4 Likes
0 Bookmarks
0 Replies
0 Quotes
Geopolitical tensions and cyber operations remain tightly intertwined as state-sponsored actors and criminal groups exploit vulnerabilities to advance strategic objectives. Recent exploits of Fortinet firewall flaws, including incomplete patches for CVE-2025-59718 and
@ox0ffff
26 Jan 2026
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Weekly Recap: Fortinet Firewall Patch Gaps, AI-Built VoidLink, CrashFix-to-ModeloRAT, and Critical CVEs This week’s recap highlights how “patched” doesn’t always mean safe—Fortinet firewalls saw fresh exploitation via incomplete fixes for CVE-2025-59718/59719, whi
@ThreatSynop
26 Jan 2026
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Fortinet、パッチ済みデバイスに対するFortiCloud SSO悪用攻撃について認める:CVE-2025-59718 ⚠️VMware vCenterの脆弱性が悪用される、CISAがKEVカタログに追加:CVE-2024-37079 〜サイバーセキュリティ週末の話題〜 https
@MachinaRecord
26 Jan 2026
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
How to Secure Your FortiGate Firewall Against CVE-2025-59718 Exploits Read more: https://t.co/Bri0irwdII #FortiGate #CVE-2025-59718 #FirewallSecurity #ExploitProtection #How-To
@beast_xtra
25 Jan 2026
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Week in Review: Patched FortiGate Firewalls Still Compromised, Cisco UC RCE Probed in the Wild Last week highlighted active exploitation pressure on perimeter systems, including reports that “fully patched” FortiGate devices may still be getting compromised (CVE-2025-597
@ThreatSynop
25 Jan 2026
34 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Patching isn't enough. Check for the "Helpdesk" backdoor. If you run Fortinet, the CVE-2025-59718 exploit isn't just a vulnerability, it’s an active invasion sales@accessystem.com #CyberSecurity #Fortinet #CISO #ThreatIntel #NetworkSecurity #BlueTeam #ACCESSYSTEM #OORONE https
@ACCESSYSTEM_IT
25 Jan 2026
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet confirms active FortiCloud SSO bypass affecting fully patched FortiGate firewalls, exploiting CVE-2025-59718 and CVE-2025-59719. Vulnerability allows persistent accounts, VPN access, and config theft. #FortinetRisk #SSOVulnerability #USA https://t.co/tYboJhOZlB
@TweetThreatNews
25 Jan 2026
137 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
🚨 ALERTA FORTINET Firewalls FortiGate PARCHEADOS estan siendo hackeados - Parche de diciembre NO funciona - Atacantes crean backdoors en SEGUNDOS - Roban configs completas Solucion temporal: Desactivar FortiCloud SSO CVE-2025-59718 / CVE-2025-59719 #fortinet #cibersegurid
@secnetnew
24 Jan 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiOS 7.4.9 faces active CVE-2025-59718 exploits via forged FortiCloud SSO. Ingram Micro ransomware exposed 42,521 records. EU moves to ban high-risk non-EU telecom gear amid rising hacktivist attacks. #Fortinet #RansomwareAttack #Europe https://t.co/7xpkQxpcxx
@TweetThreatNews
24 Jan 2026
217 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet confirms FortiCloud SSO exploitation bypassing patches for CVE-2025-59718 and CVE-2025-59719. Attackers automate account creation, enable VPNs, and extract configs from FortiGate devices. #FortiCloudBreach #NetworkSecurity #USA https://t.co/XSELNE3X3q
@TweetThreatNews
24 Jan 2026
160 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Fortinet confirms critical FortiCloud SSO bypass (CVE-2025-59718) remains unpatched. Automated attacks create VPN admin accounts and steal configs within seconds. Admin access restriction advised. #Fortinet #AuthBypass #InfoSec https://t.co/eJsyK3qlzs
@TweetThreatNews
24 Jan 2026
126 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
FortiGateのSSO認証バイパス脆弱性(CVE-2025-59718/59719)、パッチ適用済み環境でも新たな攻撃経路で悪用が確認されたとのこと。FortiCloud SSO利用中の場合は一時無効化が推奨されています。 https://t.co/JhRzmod5iv #サイ
@dejital_secure
24 Jan 2026
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiGate firewalls patched with 7.4.10 are still vulnerable to CVE-2025-59718 auth bypass, allowing attackers to create admin accounts. Fortinet to release new fixes; FortiCloud SSO also affected. #Fortinet #AuthenticationFlaw #USA https://t.co/ya2506vnK2
@TweetThreatNews
24 Jan 2026
137 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet confirms active exploitation of CVE-2025-59718 / 59719, allowing FortiGate FortiCloud SSO bypass — even on fully patched devices.
@KPGlobalCharts
23 Jan 2026
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Active exploits reported on FortiOS 7.4.9 targeting CVE-2025-59718, a Fortinet SSO bypass vulnerability. Attackers use FortiCloud SSO to create unauthorized admin accounts and export configs. #Fortinet #SSOVulnerability #USA https://t.co/3Q0O8RSGOl
@TweetThreatNews
23 Jan 2026
106 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet Confirms Active Exploitation of Critical FortiCloud SSO Auth Bypass Flaws (CVE-2025-59718/59719) Fortinet says attackers are actively exploiting critical FortiCloud SSO bypass bugs via crafted SAML requests on FortiOS/FortiWeb/FortiProxy/FortiSwitch Manager, creatin
@ThreatSynop
23 Jan 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet Confirms Active FortiCloud SSO Bypass Still Hits Fully Patched FortiGate Firewalls Fortinet confirmed attackers are exploiting a patch-bypass path for FortiCloud SSO auth flaws (CVE-2025-59718 / CVE-2025-59719) using crafted SAML messages, allowing persistence via n
@ThreatSynop
23 Jan 2026
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Onderzoekers melden actief misbruik in FortiCloud van kwetsbaarheden met kenmerken CVE-2025-59718 en CVE-2025-59719. Lees hier onze update van het high/high beveiligingsadvies: https://t.co/OwAkGwvQKz
@ncsc_nl
23 Jan 2026
1218 Impressions
2 Retweets
4 Likes
0 Bookmarks
0 Replies
1 Quote
🚨 Fortinet Confirms Active Exploitation of FortiCloud SSO Auth Bypass Targeting Even Patched FortiGates Fortinet confirmed an automated campaign abusing FortiCloud SSO authentication-bypass flaws (CVE-2025-59718 / CVE-2025-59719) to create rogue admin accounts, exfiltrate
@ThreatSynop
23 Jan 2026
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet confirms active exploitation of CVE-2025-59718 / 59719, allowing FortiGate FortiCloud SSO bypass — even on fully patched devices. Attackers abuse crafted SAML logins to gain admin access, add persistent accounts, enable VPN, and steal configs. Disabling FortiClou
@TheHackersNews
23 Jan 2026
14312 Impressions
62 Retweets
141 Likes
29 Bookmarks
1 Reply
3 Quotes
🚨 Fortinet Confirms FortiCloud Auth Bypass Still Exploitable Despite Previous Patch Fortinet confirmed attackers are still exploiting a critical FortiCloud SSO authentication bypass (CVE-2025-59718) via a patch-bypass technique, allowing them to create rogue admin/VPN accounts
@ThreatSynop
23 Jan 2026
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet: Vulnerability, Lawsuit, Analyst Cuts Now: Fortinet (FTNT) saw a week of concrete headwinds: an actively exploited FortiCloud/SSO vulnerability (CVE-2025-59718), a class-action lawsuit tied to firewall refresh disclosures, … #stockmarket #ftnt https://t.co/DuzAfjiU9h
@equityswarmX
23 Jan 2026
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-59718, -19: Improper Verification of Cryptographic Signature in Fortinet devices, 9.8 rating 🔥 Fortinet have discovered exploitation of old vulns that bypassed patches. Review the mitigation recoms. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/T2imWFII
@Netlas_io
23 Jan 2026
633 Impressions
6 Retweets
10 Likes
5 Bookmarks
0 Replies
0 Quotes
📢 𝐍𝐞𝐰 𝐂𝐕𝐄 𝐚𝐧𝐚𝐥𝐲𝐬𝐢𝐬 𝐣𝐮𝐬𝐭 𝐝𝐫𝐨𝐩𝐩𝐞𝐝! Threat actors exploit FortiCloud SSO to reconfigure FortiGate firewalls. Get the full breakdown of CVE-2025-59718 and how to defend against these rapid attacks. 📖 Ch
@PurpleOps_io
23 Jan 2026
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinetは、FortiGateを狙った攻撃で新たな攻撃経路が使われていると明らかにした。2025年12月に公表されたCVE-2025-59718およびCVE-2025-59719はFortiCloudのSSO機能を悪用した認証回避だったが、今回は修正後の最新版でも
@yousukezan
23 Jan 2026
1163 Impressions
5 Retweets
14 Likes
2 Bookmarks
0 Replies
0 Quotes
Starting January 15, 2026, attackers exploited CVE-2025-59718 and CVE-2025-59719 to bypass FortiCloud SSO on FortiGate devices, altering firewall configs, creating admin accounts, and exporting sensitive data. #FortiGateAttacks #SSOBypass #USA https://t.co/dZsIDyQaGO
@TweetThreatNews
23 Jan 2026
145 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
A new cluster of automated malicious activity involving unauthorized firewall configuration changes on FortiGate devices. CVE-2025-59718 & CVE-2025-59719 #IOC https://t.co/X1i6yIgOxh
@blackorbird
23 Jan 2026
2529 Impressions
10 Retweets
30 Likes
6 Bookmarks
2 Replies
0 Quotes
csirt_it: ‼️ #Exploited #Fortinet: rilevato possibile bypass di aggiornamenti rilasciati a Dicembre per le CVE-2025-59718 e CVE-2025-59719 🔗 https://t.co/cOKFFdSy7P https://t.co/abBVDuijyQ
@Vulcanux_
22 Jan 2026
164 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
‼️ #Exploited #Fortinet: rilevato possibile bypass di aggiornamenti rilasciati a Dicembre per le CVE-2025-59718 e CVE-2025-59719 🔗 https://t.co/EMOH8biqER https://t.co/7RoZa7D4qH
@csirt_it
22 Jan 2026
231 Impressions
0 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 𝐅𝐫𝐞𝐬𝐡 𝐂𝐕𝐄 𝐚𝐥𝐞𝐫𝐭 𝐣𝐮𝐬𝐭 𝐢𝐧! Fortinet patches failed to stop CVE-2025-59718. Discover how attackers bypassed fixes and what actions your security team must take now. 🔗 Read the full breakdown → https://t.co/9zLghuZr8
@PurpleOps_io
22 Jan 2026
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ @Fortinet customers report patched FortiGate firewalls still being compromised, linked to an authentication bypass vulnerability. Admins say activity resembles earlier CVE-2025-59718 exploitation, even after recent updates. How should teams respond when patches don’t
@TechNadu
22 Jan 2026
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Patched Fortinet firewalls are being compromised. The patch for CVE-2025-59718 was released. But attackers are still bypassing SSO authentication on updated devices. They’re stealing firewall configs & creating backdoor accounts. A failed patch cycle creates a false
@photogrim_
22 Jan 2026
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiGate يعاني من ثغرة CVE-2025-59718 حتى بعد التحديث؟ فريق، فيه تقارير تشير إلى أن بعض أجهزة FortiGate لازالت عرضة للخطر بسبب ثغرة CVE-2025-59718، حتى الأجهزة اللي تم تحديثها
@MisbarSec
22 Jan 2026
68 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-59718, a critical authentication bypass vulnerability in FortiGate firewalls, continues to be exploited despite claims of fixes in FortiOS versions 7.4.9 and above. https://t.co/xrBYYHVYSO
@securityRSS
22 Jan 2026
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet admins report patched FortiGate firewalls getting hacked 以前に修正された重要な認証脆弱性(CVE-2025-59718)のパッチバイパスを悪用。修正済みのFortiGateファイアウォールがハッキングされる事例が報告 修正を含む新
@johntheMAT
22 Jan 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
In early December, Fortinet released an advisory for two critical authentication bypass vulnerabilities (CVE-2025-59718 and CVE-2025-59719). Shortly after disclosure, Arctic Wolf began observing intrusions involving malicious SSO logins on FortiGate appliances. Malicious logins
@DCWebGuy
22 Jan 2026
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet SSO Flaw (CVE-2025-59718) Still Abused to Compromise “Patched” FortiGate Firewalls Reports show attackers continue exploiting a FortiCloud SSO authentication bypass tied to CVE-2025-59718 to create unauthorized local admin accounts on FortiGate devices, even aft
@ThreatSynop
22 Jan 2026
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Automated FortiGate Attacks Exploit FortiCloud SSO to Create Admins and Alter Firewall Settings Arctic Wolf reports a new automated attack cluster abusing FortiCloud SSO weaknesses (linked to CVE-2025-59718/59719 activity) to create persistent admin accounts, modify configs
@ThreatSynop
22 Jan 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet customers are reporting that attackers are exploiting a previously fixed vulnerability (CVE-2025-59718) to hack patched firewalls. https://t.co/rR9xe99g0m
@GuardingPearSof
22 Jan 2026
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
パッチ済みのFortiGateがCVE-2025-59718経由で侵害された:管理者らが報告 | Codebook|Security News https://t.co/sLXLqPoeCN
@ohhara_shiojiri
22 Jan 2026
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Automated attacks bypass Fortinet firewalls. What looked like routine ops was a critical SSO auth bypass (CVE-2025-59718). Attackers altered configs, exfiltrated data, and created persistent backdoors. The most worrying part? Even fully patched devices are reportedly being
@photogrim_
22 Jan 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ CVE-2025-59718 – Des firewalls FortiGate piratés malgré l’installation des derniers patchs Tous les détails par ici 👇 - https://t.co/qdmmtUDJzK #Fortinet #FortiGate #infosec #cybersecurite https://t.co/z95fE5xt6e
@ITConnect_fr
22 Jan 2026
2463 Impressions
8 Retweets
24 Likes
8 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet FortiGate under automated SSO abuse. Attackers exploit CVE-2025-59718/59719 to add admin users, enable VPN access, and export firewall configs within seconds, per Arctic Wolf. 🔗 Learn what’s happening and what to disable → https://t.co/thH7LT7P3W
@TheHackersNews
22 Jan 2026
6728 Impressions
25 Retweets
52 Likes
17 Bookmarks
0 Replies
1 Quote
מה יהיה.... משתמשים מדווחים כי תוקפים הצליחו לפרוץ דרך מכשיר FortiGate, תוך ניצול החולשה CVE-2025-59718, למרות שהמכשיר מעודכן לגרסה האחרונה. משתמש ברדיט טוען כי החברה
@CyberIL
22 Jan 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD1BE28E-8FDA-4DA9-9DA8-EF5266CD3C54",
"versionEndExcluding": "7.0.22",
"versionStartIncluding": "7.0.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B2E82CF-00E9-4D67-B472-E54A325F87FC",
"versionEndExcluding": "7.2.15",
"versionStartIncluding": "7.2.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F989EFB6-A5C9-414B-A85B-786D309B41AF",
"versionEndExcluding": "7.4.11",
"versionStartIncluding": "7.4.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11CA0204-FD63-4614-821E-E2C4E34F7979",
"versionEndExcluding": "7.6.4",
"versionStartIncluding": "7.6.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1B9AA70-BB46-403B-94C1-D94C64E22334",
"versionEndExcluding": "7.0.6",
"versionStartIncluding": "7.0.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE22A407-02CB-4979-A38D-9EBAFEB350F6",
"versionEndExcluding": "7.2.7",
"versionStartIncluding": "7.2.0"
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCEB8B8A-797C-4E5E-BCDB-A54EB83AD8A2",
"versionEndExcluding": "7.0.18",
"versionStartIncluding": "7.0.0"
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E8FAAA2E-7A53-4F6B-A9C7-1E2B4CB5F7EB",
"versionEndExcluding": "7.2.12",
"versionStartIncluding": "7.2.0"
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2093EFE3-4B7F-4806-9850-C42B26BC64AC",
"versionEndExcluding": "7.4.9",
"versionStartIncluding": "7.4.0"
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1C30E0D-7F09-42D2-9EB1-E2196BD50D75",
"versionEndExcluding": "7.6.4",
"versionStartIncluding": "7.6.0"
}
],
"operator": "OR"
}
]
}
]