• 2 min read
FortiSandbox bug hits CISA KEV as attacks spread
CISA added CVE-2026-25089 to KEV on July 16 after active exploitation. The FortiSandbox flaw is an unauthenticated command injection in the web UI.

Image: Hacker News
CVE-2026-25089, a critical Fortinet FortiSandbox flaw, was added to CISA’s Known Exploited Vulnerabilities catalog on July 16, 2026, after exploitation attempts were reported in mid-June. The vulnerability is an unauthenticated OS command injection in the product’s web interface, tied to the “start VNC” feature, where an attacker can inject shell metacharacters through JSON payloads in HTTP requests.
Fortinet’s CNA record assigns the bug a CVSS score of 9.8, while the company’s PSIRT advisory lists it at 9.1. NVD has not published an independent score. According to the source, no authentication or user interaction is required, and attack complexity is low. For applicable FCEB systems, CISA set a July 19, 2026 remediation deadline under BOD 26-04.
Affected versions and fixes
The source says the following versions are affected:

Recommended reading
ReasonGate blocks prompt injection before the LLM runs
- FortiSandbox 4.2.x: all versions
- FortiSandbox 4.4.0–4.4.8
- FortiSandbox 5.0.0–5.0.5
- FortiSandbox Cloud 5.0.4–5.0.5
- FortiSandbox PaaS 5.0.4–5.0.5
Fixed releases are:
- FortiSandbox 4.4.9+
- FortiSandbox 5.0.6+
- Cloud and PaaS 5.0.6+
The source notes a gap for 4.2.x: the CNA record lists it as affected, but Fortinet’s advisory does not provide a remediation path, advising customers to contact Fortinet for migration guidance.
This is the third FortiSandbox vulnerability exploited in the wild in 2026 within two months. The other two are:
- CVE-2026-39808: OS command injection, exploitation observed June 12 by KEVIntel
- CVE-2026-39813: path traversal leading to authentication bypass, exploitation observed June 15 by Defused
Exposure and response guidance
Threat intelligence firm Defused reportedly detected exploitation attempts against all three CVEs on honeypots. That matters because FortiSandbox feeds threat verdicts into other Fortinet products including FortiGate, FortiMail, FortiWeb, and FortiProxy, which can use those verdicts to enforce blocks and trigger automated responses.
The source recommends patching immediately and ensuring systems are updated for all three vulnerabilities. If that is not possible, organizations should restrict the management web UI from untrusted networks and keep port 443 off the public internet. It also advises reviewing connected Fortinet workflows and logs for unusual verdicts, configuration changes, suspicious requests to VNC-related endpoints, unexpected outbound traffic, new accounts, or modified system settings.
Fortinet tracks the issue in advisory FG-IR-26-141.
Security Editor
Sophia unpacks the invisible wars happening on our networks. Covering cybersecurity, privacy legislation, and cryptography, she exposes how our data is weaponized and defended. Before joining for(geeks), she spent years as a penetration tester. She's the reason the rest of the team uses physical security keys.
via Hacker News


