CISA Warns Attackers Are Exploiting Critical FortiSandbox Command Injection Flaws


CISA has warned that attackers are actively exploiting two critical Fortinet FortiSandbox vulnerabilities that allow remote command execution without authentication.

The flaws, tracked as CVE-2026-39808 and CVE-2026-25089, can let an attacker send malicious HTTP requests that cause a vulnerable FortiSandbox system to run unauthorized operating-system commands.

CISA added both vulnerabilities to its Known Exploited Vulnerabilities catalog on July 16, 2026. U.S. Federal Civilian Executive Branch agencies must complete the required remediation by July 19.

What Are the FortiSandbox Vulnerabilities?

Both vulnerabilities fall under CWE-78, Improper Neutralization of Special Elements Used in an OS Command. This weakness is commonly known as OS command injection.

Command injection occurs when an application places untrusted input into an operating-system command without safely validating or separating that input. An attacker can insert shell characters or additional commands that the server then executes.

CISA confirmed exploitation in its July 16 KEV announcement. The agency has not disclosed the attackers’ identities, targeted organizations, malware families, or complete exploitation chains.

VulnerabilityAffected componentAttack methodAuthenticationCVSS
CVE-2026-39808FortiSandbox API endpointCrafted HTTP requestNot required9.8, Critical
CVE-2026-25089FortiSandbox web interface and start VNC featureCrafted JSON data in an HTTP requestNot required9.8, Critical

CVE-2026-39808 Targets a FortiSandbox API Endpoint

CVE-2026-39808 is an unauthenticated OS command injection vulnerability in the FortiSandbox API. An attacker can exploit it remotely by sending a crafted HTTP request to a reachable vulnerable system.

The Fortinet FG-IR-26-100 advisory identifies FortiSandbox 4.4.0 through 4.4.8 as affected. Administrators should upgrade to FortiSandbox 4.4.9 or later.

Fortinet says FortiSandbox 5.0 is not affected by CVE-2026-39808. The vendor also states that FortiSandbox PaaS 5.0 is not affected and requires no action for this specific vulnerability.

Product branchCVE-2026-39808 statusRequired action
FortiSandbox 4.4.0 through 4.4.8AffectedUpgrade to 4.4.9 or later
FortiSandbox 5.0Not affectedNo action for this CVE
FortiSandbox PaaS 5.0Not affectedNo action for this CVE

The CVE-2026-39808 record gives the flaw a CVSS 3.1 score of 9.8. Its attack vector indicates network access, low attack complexity, no required privileges, and no user interaction.

CVE-2026-25089 Affects More FortiSandbox Products

CVE-2026-25089 has a broader affected-product list. It is a second-order command injection vulnerability involving JSON input supplied to the start VNC function in the FortiSandbox web interface.

The Fortinet FG-IR-26-141 advisory says an unauthenticated attacker can execute unauthorized commands through specially crafted HTTP requests.

The vulnerability affects locally managed FortiSandbox appliances as well as specific FortiSandbox Cloud and FortiSandbox PaaS versions. FortiSandbox 5.2 and the corresponding 5.2 cloud and PaaS services are not affected.

ProductAffected versionsFixed version or status
FortiSandbox5.0.0 through 5.0.5Upgrade to 5.0.6 or later
FortiSandbox4.4.0 through 4.4.8Upgrade to 4.4.9 or later
FortiSandbox4.2, all versionsMigrate to a supported fixed release
FortiSandbox Cloud5.0.4 through 5.0.5Upgrade to 5.0.6 or later
FortiSandbox PaaS5.0.4 through 5.0.5Upgrade to 5.0.6 or later
FortiSandbox 5.2Not affectedNo action for this CVE
FortiSandbox Cloud 5.2Not affectedNo action for this CVE
FortiSandbox PaaS 5.2 and 23.4Not affectedNo action for this CVE

The CVE-2026-25089 record also lists FortiSandbox 4.2 as affected. Fortinet’s current remediation table does not provide a fixed 4.2 release, so organizations still using that branch should migrate or contact Fortinet support.

Why FortiSandbox Command Execution Is High Risk

FortiSandbox analyzes suspicious files, URLs, documents, and other potentially malicious content. Organizations may integrate it with email security, firewalls, network sensors, and security operations platforms.

Command execution on a sandbox appliance can provide access to sensitive analysis data, configuration information, credentials, malware samples, and connected systems. The actual impact depends on the permissions of the vulnerable service and the surrounding network architecture.

Attackers could potentially use command execution to install malware, create persistent access, steal credentials, change configurations, disrupt analysis services, or use the FortiSandbox system as a starting point for lateral movement. CISA has not confirmed which post-exploitation actions have occurred in the observed attacks.

  • Execute commands through a vulnerable service
  • Collect device and network configuration data
  • Search for stored credentials or authentication material
  • Create new accounts or persistence mechanisms
  • Disable or interfere with security monitoring
  • Connect to internal systems reachable from the appliance
  • Install web shells or other remote-access tools

CISA Sets a July 19 Remediation Deadline

The CISA KEV notice requires federal civilian agencies to remediate both vulnerabilities by July 19, 2026.

The mandatory deadline applies to Federal Civilian Executive Branch agencies. Private companies and other organizations are not directly bound by that deadline, but CISA encourages all FortiSandbox administrators to prioritize the updates.

CISA directs agencies to follow Fortinet’s mitigations, BOD 26-04 risk-based patching guidance, and its Forensics Triage Requirements. Organizations must assess whether each affected system is exposed to the internet.

  1. Identify every FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS deployment.
  2. Record the installed product branch and exact version.
  3. Determine whether the web interface or API is reachable from the internet.
  4. Apply the fixed Fortinet release for each affected product.
  5. Verify that the upgrade completed successfully.
  6. Perform forensic triage for possible earlier exploitation.
  7. Disconnect affected systems when patches or mitigations are unavailable.

Fortinet Advisories Have Not Yet Updated the Exploitation Field

Fortinet’s advisory pages currently show “Known Exploited: No” for both vulnerabilities. CISA’s later KEV additions supersede that status for operational risk decisions because they confirm evidence of exploitation.

The CVE-2026-39808 Fortinet advisory was initially published on April 14. A public exploit reference later appeared in the vulnerability record before CISA added the flaw to KEV.

Fortinet published the CVE-2026-25089 advisory on June 9. CISA changed the vulnerability’s exploitation status from none to active on July 16.

Administrators Should Hunt for Compromise After Patching

Installing the fixed software closes the known vulnerabilities, but it does not remove commands, accounts, malware, or persistence created through earlier exploitation.

Security teams should review web-interface, API, system, authentication, and network logs for suspicious activity. They should compare affected systems with known-good configurations and investigate unexpected processes or file changes.

The CVE-2026-39808 history shows that CISA classifies exploitation as active, automatable, and capable of total technical impact. Internet-facing systems deserve immediate investigation even if administrators have not observed obvious disruption.

  • Review HTTP requests sent to FortiSandbox API and web endpoints.
  • Look for malformed parameters, suspicious JSON input, and unusual request volume.
  • Investigate unexpected child processes launched by web or API services.
  • Search for new executable files, scripts, scheduled tasks, and startup entries.
  • Review newly created or modified administrative accounts.
  • Inspect outbound connections to unfamiliar addresses.
  • Check integrations for stolen or misused credentials.
  • Preserve logs and disk evidence before rebuilding a suspected system.

Cloud and PaaS Customers Must Confirm Their Service Version

CVE-2026-25089 affects FortiSandbox Cloud and FortiSandbox PaaS versions 5.0.4 through 5.0.5. Customers should confirm whether Fortinet has already upgraded their managed environment or whether tenant-level action remains necessary.

The CVE-2026-25089 KEV entry directs users to follow the applicable BOD 26-04 cloud-service guidance. If mitigations are unavailable, CISA recommends discontinuing use until the risk has been addressed.

Organizations should not assume that a cloud-hosted security product is automatically outside their vulnerability-management program. Asset owners still need to verify service versions, review provider notices, collect relevant logs, and document remediation.

FAQ

Which FortiSandbox vulnerabilities are being exploited?

CISA has confirmed active exploitation of CVE-2026-39808 and CVE-2026-25089, two critical OS command injection vulnerabilities.

Do attackers need FortiSandbox credentials to exploit the flaws?

No. Both vulnerabilities can be exploited remotely without authentication by sending specially crafted HTTP requests to a reachable vulnerable system.

Which version fixes CVE-2026-39808?

FortiSandbox 4.4 users should upgrade to version 4.4.9 or later. FortiSandbox 5.0 and FortiSandbox PaaS 5.0 are not affected by this specific flaw.

Which version fixes CVE-2026-25089?

Affected 5.0 deployments should upgrade to 5.0.6 or later, while FortiSandbox 4.4 users should upgrade to 4.4.9 or later. Organizations using the affected 4.2 branch should migrate to a supported fixed release.

When is CISA’s FortiSandbox remediation deadline?

Federal Civilian Executive Branch agencies must complete the required remediation by July 19, 2026. Other organizations should also patch immediately because exploitation is active.

Is patching enough after a FortiSandbox server may have been exploited?

No. Administrators should also perform forensic triage for unexpected commands, new accounts, malicious files, persistence, suspicious network connections, and credential misuse.

Readers help support VPNCentral. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help VPNCentral sustain the editorial team Read more

User forum

0 messages