Fortinet FortiSandbox hit by three critical CVEs (CVSS 9.1)

🔗 https://cybersecurefox.com/en/fortinet-fortisandbox-three-critical-cves-cvss-9-1

#Fortinet #FortiSandbox #vulnerabilities #FortiSandbox #Cloud #FortiSandbox #PaaS #CVE-2026-39813 #CVE-2026-39808

Fortinet FortiSandbox 4.4.0-4.4.8 - OS Command Injection via tracer-behavior Endpoint

https://gitlab.com/error.inside/CVE-2026-39808

#cve #vulnerability #exploit #poc #fortinet #fortisandbox

Critical #Fortinet #FortiSandbox flaws now exploited in attacks

https://www.bleepingcomputer.com/news/security/critical-fortinet-fortisandbox-flaws-now-exploited-in-attacks/

#cybersecurity

Fortinet Sandbox Flaws Under Active Exploitation

Critical Fortinet Sandbox vulnerabilities are under active attack, with hackers exploiting flaws like CVE-2026-39813, a severe path traversal bug that allows authentication bypass. Fortinet patched these bugs in April, but users must upgrade ASAP to avoid being compromised.

https://osintsights.com/fortinet-sandbox-flaws-under-active-exploitation?utm_source=mastodon&utm_medium=social

#Fortinet #Fortisandbox #Cve202639813 #PathTraversal #AuthenticationBypass

Attackers are actively exploiting critical Fortinet FortiSandbox vulnerabilities, including unauthenticated RCEs like CVE-2026-25089, despite patches being available since April. This incident highlights the alarming acceleration of exploit development, transforming a crucial security defense into a direct network compromise vector. Organizations must prioritize immediate patching.

https://www.tpp.blog/wwbyt4d

#cybersecurity #fortinet #fortisandbox

🤖 This post was AI-generated.

Fortinet Flaws Exposed to Active Exploitation

Critical vulnerabilities in Fortinet's FortiSandbox platform are under active attack, with multiple flaws, including CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, being exploited by hackers just 24 hours after security updates were issued.

https://osintsights.com/fortinet-flaws-exposed-to-active-exploitation?utm_source=mastodon&utm_medium=social

#Fortinet #Fortisandbox #Cve202639813 #Cve202639808 #Cve202625089

#Fortinet warns of critical RCE flaws in #FortiSandbox and #FortiAuthenticator

https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-rce-flaws-in-fortisandbox-and-fortiauthenticator/

#cybersecurity

#BSI WID-SEC-2025-0347: [NEU] [mittel] #Fortinet #FortiSandbox: Schwachstelle ermöglicht Cross-Site Scripting

Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Fortinet FortiSandbox ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0347

#BSI WID-SEC-2024-2101: [NEU] [niedrig] #Fortinet #FortiSandbox: Schwachstelle ermöglicht Offenlegung von Informationen

Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Fortinet FortiSandbox ausnutzen, um Informationen offenzulegen.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2101

Happy Patch Tuesday from your friends at Fortinet. 13 security advisories, 15 vulnerabilities. No mention of exploitation in the wild:

• FG-IR-23-087 CVE-2023-45590 (9.6 critical) [FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration
• FG-IR-23-345 CVE-2023-45588 and CVE-2024-31492 (8.2 high) FortiClientMac - Lack of configuration file validation
• FG-IR-23-419 CVE-2023-47542 (6.7 medium) FortiManager - Code Injection via Jinja Template
• FG-IR-23-288 CVE-2023-48785 (4.8 medium) FortiNAC-F - Lack of certificate validation
• FG-IR-23-413 CVE-2023-48784 (6.7 medium) FortiOS - Format String in CLI command
• FG-IR-23-224 CVE-2024-23662 (5.3 medium ) FortiOS - Web server ETag exposure
• FG-IR-23-493 CVE-2023-41677 (7.5 high) FortiOS & FortiProxy - administrator cookie leakage
• FG-IR-23-454 CVE-2024-23671 (8.1 high) FortiSandbox - Arbitrary file delete on endpoint
• FG-IR-24-060 CVE-2024-31487 (5.9 medium) FortiSandbox - Arbitrary file read on endpoint
• FG-IR-23-416 CVE-2023-47541 (6.7 medium) FortiSandbox - Arbitrary file write on CLI leading to arbitrary code execution
• FG-IR-23-411 CVE-2023-47540 (6.7 medium) FortiSandbox - Command injection impacting CLI command
• FG-IR-23-489 CVE-2024-21755 and CVE-2024-21756 (8.8 high) FortiSandbox - OS command injection on endpoint
• FG-IR-24-009 CVE-2024-26014 (5.3 medium) SMTP Smuggling (analyst note: third party vulnerability)

#PatchTuesday #Fortinet #FortiManager #vulnerability #FortiSandbox #FortiOS #FortiProxy