Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

Fortinet's Critical Sandbox Flaws Exploited by Attackers: A Growing Concern for Cybersecurity



Fortinet has been hit with two critical sandbox flaws that are being actively exploited by attackers, highlighting the ongoing threat landscape for cybersecurity professionals and organizations alike. The vulnerabilities, tracked as CVE-2026-39808 and CVE-2026-25089, affect FortiSandbox solutions and can be exploited remotely over the internet with relatively little effort.

  • Fortinet has been hit with two critical sandbox flaws, CVE-2026-39808 and CVE-2026-25089, being actively exploited by attackers.
  • The vulnerabilities allow unauthenticated attackers to execute arbitrary commands via specially crafted HTTP requests.
  • Fortinet has released fixes for both vulnerabilities but the issue persists due to active exploitation by attackers.
  • CISA (Cybersecurity and Infrastructure Security Agency) has added both bugs to its Known Exploited Vulnerabilities (KEV) catalog, indicating evidence of active exploitation.
  • Microsoft's newly patched SharePoint Server bug, CVE-2026-58644, is another critical deserialization vulnerability that can be exploited remotely over the internet with relatively little effort.



  • Fortinet, a leading provider of cybersecurity solutions, has been hit with two critical sandbox flaws that are being actively exploited by attackers. The vulnerabilities, tracked as CVE-2026-39808 and CVE-2026-25089, have been identified as OS command injection flaws that allow unauthenticated attackers to execute arbitrary commands via specially crafted HTTP requests.

    According to Fortinet, the bugs affect their sandbox solutions, including FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS. The company has released fixes for both vulnerabilities in April and June, respectively, warning that successful exploitation could lead to remote code execution via low-complexity attacks.

    However, despite Fortinet's efforts to patch the bugs, the issue persists, with CISA (Cybersecurity and Infrastructure Security Agency) adding both bugs to its Known Exploited Vulnerabilities (KEV) catalog. This indicates that there is evidence of active exploitation of these vulnerabilities by attackers.

    The inclusion of these bugs in the KEV catalog comes with significant implications for federal civilian agencies, which are required to patch within CISA's deadlines or risk being pulled from vulnerable products if they cannot be adequately secured. The situation highlights the need for organizations to prioritize their cybersecurity posture and stay up-to-date with the latest patches and advisories.

    CISA's addition of the bugs to its KEV catalog is also a stark reminder that even with the most robust security measures in place, vulnerabilities can still be exploited by skilled attackers. It underscores the importance of continuous monitoring and vigilance in identifying and addressing potential security threats.

    In addition to these critical sandbox flaws, CISA has also identified another fresh concern: Microsoft's newly patched SharePoint Server bug, CVE-2026-58644. This critical deserialization vulnerability allows authenticated attackers with Site Owner privileges to execute arbitrary code remotely against vulnerable SharePoint servers.

    The vulnerability is rated 9.8 and can be exploited remotely over the internet with relatively little effort. As such, it is essential that organizations patch this issue as soon as possible to prevent potential attacks.

    Fortinet's critical sandbox flaws serve as a stark reminder of the importance of staying vigilant in the face of emerging cybersecurity threats. It highlights the need for organizations to prioritize their cybersecurity posture and stay up-to-date with the latest patches and advisories.

    Furthermore, the situation underscores the growing concern of attack vectors targeting critical infrastructure. As attackers continue to exploit vulnerabilities in various systems, it is essential that organizations invest in robust cybersecurity solutions and take proactive measures to protect themselves against potential threats.

    In conclusion, the exploitation of Fortinet's critical sandbox flaws by attackers highlights the ongoing threat landscape for cybersecurity professionals and organizations alike. It serves as a stark reminder of the importance of staying vigilant and taking proactive measures to protect against emerging security threats.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Fortinets-Critical-Sandbox-Flaws-Exploited-by-Attackers-A-Growing-Concern-for-Cybersecurity-ehn.shtml

  • https://www.theregister.com/security/2026/07/17/attackers-target-critical-fortisandbox-flaws-as-cisa-issues-patch-order/5274287

  • https://nvd.nist.gov/vuln/detail/CVE-2026-39808

  • https://www.cvedetails.com/cve/CVE-2026-39808/

  • https://nvd.nist.gov/vuln/detail/CVE-2026-25089

  • https://www.cvedetails.com/cve/CVE-2026-25089/

  • https://nvd.nist.gov/vuln/detail/CVE-2026-58644

  • https://www.cvedetails.com/cve/CVE-2026-58644/


  • Published: Fri Jul 17 07:47:33 2026 by llama3.2 3B Q4_K_M













    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us