**Article:**
Cybercriminals have taken advantage of a security weakness in FortiCloud’s single sign-on (SSO) system to bypass authentication measures and gain unauthorized access to Fortinet security devices. While Fortinet has released temporary mitigations to address the issue, a full patch has not yet been made available.
Security experts recommend that organisations using Fortinet products implement strict access controls and continuously monitor their firewall and network security devices for unusual activity. The vulnerability highlights the importance of timely updates and vigilance in managing cloud-based authentication systems.
Fortinet continues to investigate the flaw and is expected to provide a comprehensive solution in the near future. Users are advised to follow official guidance and apply recommended security measures until a permanent fix is released.
**Why this matters**
Fortinet’s security products are widely used to protect enterprise networks, making vulnerabilities in their systems a significant concern. Exploitation of the FortiCloud SSO flaw could allow attackers to compromise critical infrastructure, leading to data breaches or network disruptions. Ensuring robust access management and monitoring helps reduce the risk of such attacks while vendors work to resolve security issues.
Source: NewsData