- Fortinet fixed critical vulnerabilities in FortiOS and related products involving improper cryptographic signature verification.
- Ivanti released patches for Endpoint Manager, including a high-severity stored cross-site scripting flaw.
- SAP addressed 14 vulnerabilities, with three rated critical for code injection, Apache Tomcat, and deserialization issues.
- Users are advised to update affected products promptly and disable vulnerable features as temporary protection.
Fortinet, Ivanti, and SAP issued security updates in December 2025 to fix critical vulnerabilities that could allow attackers to bypass authentication or execute code. These flaws affect various products including Fortinet’s FortiOS and FortiCloud SSO login, Ivanti’s Endpoint Manager, and multiple SAP solutions.
The flaws in Fortinet products, tracked as CVE-2025-59718 and CVE-2025-59719 with CVSS scores of 9.8, involve improper verification of cryptographic signatures. This can allow an attacker to bypass FortiCloud single sign-on authentication by sending a crafted SAML message, if the feature is enabled. Fortinet warned that FortiCloud SSO is not enabled by default but can be disabled temporarily via system settings or CLI commands as described in their advisory at Fortinet’s security advisory.
Ivanti addressed four flaws in Endpoint Manager, including a critical stored cross-site scripting (XSS) vulnerability, CVE-2025-10573, scored 9.6. This flaw allows unauthenticated attackers to inject malicious JavaScript into the administrator’s dashboard by joining fake managed endpoints to the server. The issue, discovered by Rapid7 researcher Ryan Emmons, requires an administrator’s passive interaction to trigger code execution. Ivanti confirmed no known active exploitation and patched the issue in Endpoint Manager version 2024 SU4 SR1. Additional high-severity vulnerabilities patched include CVE-2025-13659, CVE-2025-13661, and CVE-2025-13662, the last also related to improper cryptographic signature verification. Details are available in Ivanti’s update note at Ivanti’s security advisory.
SAP released updates for 14 vulnerabilities, including three critical bugs: CVE-2025-42880 (CVSS 9.9), a code injection flaw in SAP Solution Manager; CVE-2025-55754 (CVSS 9.6), multiple issues in Apache Tomcat within SAP Commerce Cloud; and CVE-2025-42928 (CVSS 9.1), a deserialization vulnerability in SAP jConnect SDK for Sybase Adaptive Server Enterprise. The first and third were reported by SAP security firm Onapsis, which emphasized the urgency of patching SAP Solution Manager due to its central role. Exploiting the jConnect SDK flaw requires elevated privileges. SAP’s full update details can be found at their official page SAP December security notes.
Organizations using these products should promptly apply updates and disable vulnerable features as interim safeguards to prevent exploitation.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- AI Chatbots Can Shift Voter Preferences by Up to 15% in Studies
- Canton Network Completes 2nd Onchain US Treasury Finance Round
- Microsoft Stock Dips Amid AI Concerns, Rally Possible in 2025
- U.S. Bitcoin Bulls Face Declines During Market Hours, New ETF Launches
- US Banks Allowed as Intermediaries in Crypto Transactions, Says OCC
