If your organisation uses Fortinet’s FortiSandbox, stop and check your patch level now. Threat intelligence company Defused Cyber confirmed on 16 June 2026 that attackers are exploiting three critical Fortinet FortiSandbox vulnerabilities: CVE-2026-39813, CVE-2026-39808 and CVE-2026-25089. Two of those patches have been available since April. The window between “patch available” and “exploitation confirmed” has closed.
Table of Contents
What FortiSandbox Does and Why It Matters Here
FortiSandbox analyses suspicious files and URLs on behalf of other Fortinet products. A FortiGate firewall or a FortiMail gateway will pass unknown attachments to the sandbox and block or allow them based on the verdict it gets back. That makes the sandbox a trust anchor for a Fortinet estate, not a passive box on the side. Compromise it and you can influence what the rest of the stack permits.
So the risk here goes beyond a single appliance. An attacker who exploits one of these Fortinet FortiSandbox vulnerabilities does not just get a foothold on one box. They get a position from which they can shape security decisions across the whole environment.
The Three Fortinet FortiSandbox Vulnerabilities, Explained
CVE-2026-39813 (CVSS 9.1) is a path traversal flaw in the JRPC API. No authentication is needed. A specially crafted HTTP request is enough to bypass access controls. Fortinet patched this in April 2026 after internal researcher Loic Pantano found it. Affected versions run from 4.4.0 to 4.4.8 and from 5.0.0 to 5.0.5.
CVE-2026-39808 (CVSS 9.1) is an OS command injection flaw that also requires no authentication. Attackers inject commands through the jid GET parameter, gaining root-level execution. Samuel de Lucas Maroto of KPMG Spain discovered this one. It was patched alongside CVE-2026-39813 in April 2026, but a public proof-of-concept has been available since then, meaning the exploitation barrier was low from the moment that PoC dropped.
CVE-2026-25089 (CVSS 9.1) is the most recent: Fortinet patched it on 9 June 2026. It is also a command injection flaw, but this one lives in the web UI and extends to FortiSandbox Cloud (5.0.4 to 5.0.5) and FortiSandbox PaaS in the same range. Defused noted the circulating exploit appears AI-generated and is likely faulty, but exploitation attempts were already observed within a week of the patch release.
What Your IT Team Should Do Now
First, find out which version of FortiSandbox is running. If you are on anything in the 4.4.0 to 4.4.8 range, upgrade to 4.4.9. If you are on 5.0.0 to 5.0.5, upgrade to 5.0.6. For Cloud and PaaS variants on 5.0.4 to 5.0.5, apply Fortinet’s issued update. Check FortiGuard’s PSIRT page for the exact advisory and any indicators of compromise the vendor has published.
Second, check your exposure. Is the FortiSandbox management interface reachable from the internet? If yes, restrict access to a management VLAN or VPN-only zone. Unauthenticated vulnerabilities like these are exploitable from any address that can reach the interface.
Third, consider whether you may already have been compromised before patching. Review authentication logs from mid-April 2026 onwards, looking for API calls to the JRPC endpoint from unexpected sources. Also check sandbox verdicts for any files marked clean that were later flagged by other tools. These are signs an attacker may have been inside, quietly influencing what your network trusts.
Finally, note the versions carefully. Applying the April patches does not cover CVE-2026-25089, which was only fixed in June. Two of three does not mean you are safe. So confirm all three CVEs are patched before closing the ticket.
The Broader Fortinet Track Record
These Fortinet FortiSandbox vulnerabilities fit a broader pattern. Fortinet is a regular target. CISA’s Known Exploited Vulnerabilities catalogue lists 26 Fortinet CVEs, and 13 of those are linked to ransomware groups. Attackers know the product range, they watch Fortinet’s advisories, and many have pre-built tooling for common Fortinet flaws. When a new patch drops, exploitation attempts follow quickly: as CVE-2026-25089 shows, exploited within seven days of patching.
That tempo means organisations using Fortinet products need a reliable, fast process for applying security patches. A patch applied three months after release is better than nothing, but the evidence here shows attackers were ready in April for the two CVEs patched then. Patch windows are now measured in days, not months.
