Fortinet, Ivanti, and SAP Address Critical Security Vulnerabilities

These articles are AI-generated summaries. Please check the original sources for full details.

Urgent Patches Released for Authentication and Code Execution Flaws

Fortinet, Ivanti, and SAP have issued critical security updates to remediate vulnerabilities that could lead to authentication bypass and remote code execution, affecting a broad spectrum of enterprise software. The flaws, ranging in severity, require immediate attention to prevent potential exploitation.

These vulnerabilities highlight the persistent challenge of secure software development: even established vendors struggle to eliminate critical flaws before deployment. The potential impact of successful exploits ranges from data breaches and system compromise to significant financial and reputational damage. A single flaw like CVE-2025-10573 can allow attackers to hijack administrator sessions.

Key Insights

  • CVE-2025-59718/59719 (Fortinet, 2025): Improper cryptographic signature verification in FortiOS allows unauthenticated attackers to bypass login.
  • SAML Vulnerabilities: Flaws in SAML implementations (like in Fortinet’s case) are common attack vectors for identity theft and privilege escalation.
  • Rapid7’s Role: Security researchers like Ryan Emmons at Rapid7 are crucial in identifying and reporting vulnerabilities like CVE-2025-10573, accelerating the patching process.

Working Example

The following FortiOS CLI commands disable FortiCloud SSO login for administrators:

config system global
    set admin-forticloud-sso-login disable
end
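
To check that this setting is in place across many saved configuration backups, the following added example (not from the original article or from Fortinet) reads FortiOS-style config text and reports every device where the setting is not explicitly `disable`. The device names and sample configs are constructed, the parser is a simplified reading of the `config`/`edit`/`next`/`end` block syntax, and a missing setting is reported as `not-set` rather than assuming a default.

```python
# Added example: report FortiOS config backups where FortiCloud SSO admin login
# is not explicitly disabled. Sample configs and device names are constructed.
SETTING = "admin-forticloud-sso-login"

def _odd_quotes(line):
    # An odd number of unescaped quotes means a quoted value opens or closes here.
    return line.replace('\\"', "").count('"') % 2 == 1

def sso_login_state(config_text):
    """Return the value set under 'config system global', or 'not-set'."""
    stack, state, in_quote = [], "not-set", False
    for raw in config_text.splitlines():
        line = raw.strip()
        if in_quote:                      # inside a multi-line value (cert, banner)
            in_quote = not _odd_quotes(line)
            continue
        if _odd_quotes(line):             # value continues on following lines
            in_quote = True
            continue
        words = line.split()
        if not words or words[0].startswith("#"):
            continue
        if words[0] == "config":
            stack.append(" ".join(words[1:]))
        elif words[0] == "edit":
            stack.append("edit")
        elif words[0] in ("end", "next"):
            if stack:
                stack.pop()
        elif words[:2] == ["set", SETTING] and len(words) == 3:
            if stack and stack[-1] == "system global":
                state = words[2]
    return state

def needs_review(backups):
    """Map device name -> state for every backup not explicitly set to 'disable'."""
    states = {name: sso_login_state(text) for name, text in backups.items()}
    return {name: s for name, s in states.items() if s != "disable"}

SAMPLE_BACKUPS = {  # constructed inputs
    "fw-a": "config system global\n    set admin-forticloud-sso-login disable\nend\n",
    "fw-b": "config system global\n    set admin-forticloud-sso-login enable\nend\n",
    "fw-c": 'config system global\n    set hostname "fw-c"\nend\n'
            "config system interface\n    edit \"port1\"\n"
            "        set admin-forticloud-sso-login disable\n    next\nend\n",
}

if __name__ == "__main__":
    for device, state in sorted(needs_review(SAMPLE_BACKUPS).items()):
        print(f"{device}: {SETTING} is {state}")
```

A `not-set` result means the backup does not state the value, so the device should be checked directly.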

Practical Applications

  • Managed Service Providers: MSPs managing infrastructure for multiple clients must prioritize patching these vulnerabilities across all affected systems.
  • Pitfall: Delaying patching due to perceived low risk or operational disruption can create a window of opportunity for attackers, leading to significant consequences.
