FortiCloud SSO Authentication Bypass Exploited

What happened

An authentication bypass vulnerability affecting FortiCloud Single Sign-On was confirmed to be actively exploited. The flaw allows attackers with a FortiCloud account to authenticate to unrelated Fortinet devices when SSO is enabled. The vulnerability was added to the Known Exploited Vulnerabilities catalog.

Who is affected

Fortinet devices with FortiCloud SSO enabled are directly exposed to exploitation.

Why CISOs should care

Authentication bypass vulnerabilities undermine administrative access controls across network security infrastructure.

3 practical actions

Inventory FortiCloud SSO usage. Identify enabled systems.
Apply available patches. Update affected products.
Review authentication logs. Monitor for anomalous access activity.

John Kevin Hao

+ posts

John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.

FortiCloud SSO Authentication Bypass Exploited

Related

New Fortinet FortiClient EMS Flaw Exploited in Attacks as Emergency Patch Is Released

Critical Fortinet FortiClient EMS Flaw Now Exploited in Attacks

FortiGate Firewalls Exploited in Automated Attacks to Steal Configuration Data

Open‑Source CyberStrikeAI Weaponized in Global Attacks on Fortinet FortiGate Appliances

3,280,081 Fortinet Devices Found Online With Exposed Web Properties

What happened

Who is affected

Why CISOs should care

3 practical actions

John Kevin Hao

CISO Diaries: Carlos García Batista on Cyber Resilience in Emergency Services

Gartner Security & Risk Management Summit 2026: 12 Cybersecurity Companies to Watch

FortiCloud SSO Authentication Bypass Exploited

Related

What happened

Who is affected

Why CISOs should care

3 practical actions

Subscribe to our stories