Security teams across multiple industries are racing to deploy urgent updates after Fortinet, Ivanti, and SAP released patches for high risk vulnerabilities that could allow attackers to bypass authentication controls or execute malicious code.
The newly disclosed flaws are considered especially dangerous because of their potential to provide remote, unauthenticated access to critical systems at scale.
Fortinet Addresses Severe Signature Verification Weakness
Fortinet confirmed that two critical vulnerabilities, identified as CVE-2025-59718 and CVE-2025-59719 with CVSS scores of 9.8, affect FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager. Both issues stem from improper cryptographic signature verification.
According to Fortinet, attackers could exploit the weakness by sending a crafted SAML message to bypass FortiCloud SSO authentication. This only applies if administrators have manually enabled FortiCloud SSO login, since it is disabled by default.
Organizations that cannot patch immediately are advised to temporarily disable FortiCloud SSO login through the dashboard or the following CLI commands:
config system global
set admin-forticloud-sso-login disable
end
Ivanti Patches Critical XSS Vulnerability in Endpoint Manager
Ivanti has rolled out fixes for four flaws in its Endpoint Manager (EPM). The most severe, CVE-2025-10573 with a CVSS score of 9.6, is a stored cross site scripting issue that allows a remote attacker to execute malicious JavaScript within an administrator session.
Researchers from Rapid7, who discovered the flaw, noted that an attacker can send a fake device report to the EPM server. Once the administrator views the modified dashboard, the attacker gains control of their session.
Ivanti also addressed three high severity vulnerabilities, CVE-2025-13659, CVE-2025-13661, and CVE-2025-13662. One of them, CVE-2025-13662, also involves improper cryptographic signature validation.
The company confirmed that there is no evidence of active exploitation so far, but emphasized the need for urgent patching.
SAP Fixes Multiple Critical Security Issues
SAP released its December security updates which include fixes for 14 vulnerabilities. Three of them are classified as critical:
• CVE-2025-42880, CVSS 9.9, code injection in SAP Solution Manager
• CVE-2025-55754, CVSS 9.6, multiple Apache Tomcat issues in SAP Commerce Cloud
• CVE-2025-42928, CVSS 9.1, deserialization flaw in SAP jConnect SDK for Sybase ASE
Security firm Onapsis reported two of these vulnerabilities and warned that SAP Solution Manager plays a central administrative role, which elevates the impact of potential exploitation.
Since cybercriminals frequently target enterprise software from Fortinet, Ivanti, and SAP, experts recommend applying the latest patches without delay to prevent authentication bypass, remote code execution, and potential breaches.
Found this article interesting? Follow us on Twitter , Facebook, Blue sky and LinkedIn to read more exclusive content we post.
