Comparison with Other Security Breaches
Fortinet recently confirmed that its fully patched firewalls are being hacked due to a critical FortiCloud SSO authentication bypass vulnerability. This is not the first time a security company has faced such an issue. Comparing this to other security breaches, we can see that similar attacks have been reported by other companies, such as Arctic Wolf, which documented incidents in December following the disclosure of the CVE-2025-59718 critical vulnerability in Fortinet products.
Impact and Comparison with Competitors
In comparison to other security companies, Fortinet's vulnerability has been exploited to compromise fully patched firewalls, with attackers creating accounts with VPN access and stealing firewall configurations within seconds. This is similar to attacks on other companies' products, such as those reported by Cybersecurity company Arctic Wolf. However, the speed and automation of these attacks are comparable to more sophisticated attacks seen in the industry.
Recommendations and Comparison with Best Practices
Until Fortinet fully addresses the CVE-2025-59718 vulnerability, customers are advised to restrict administrative access to their edge network devices via the Internet by applying a local-in policy that limits the IP addresses that can access the devices' administrative interfaces. This is a common best practice in the industry, and comparable to recommendations made by other security companies.