Attackers Chain Three FortiSandbox Flaws for Code Execution

Threat intelligence firm Defused Cyber has observed active exploitation of three critical Fortinet FortiSandbox vulnerabilities over the past 24 hours. All three flaws carry CVSS 9.1 severity scores and allow unauthenticated attackers to execute arbitrary code or bypass authentication via specially crafted HTTP requests.

This exploitation activity comes amid ongoing Fortinet security concerns—just yesterday we reported on the FortiBleed credential leak that exposed VPN credentials for nearly 74,000 firewall URLs worldwide.

The Vulnerabilities

CVE-2026-39813 (CVSS 9.1): A path traversal vulnerability in the JRPC API that allows attackers to read sensitive files and potentially achieve code execution.

CVE-2026-39808 (CVSS 9.1): An OS command injection flaw that enables unauthenticated remote code execution through the FortiSandbox management interface.

CVE-2026-25089 (CVSS 9.1): Another OS command injection vulnerability in the Web UI, exploitable without authentication.

All three vulnerabilities affect FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS deployments.

Exploitation Activity

Defused Cyber researchers noted that the CVE-2026-25089 exploit shows "signs of being developed using an artificial intelligence model" and is reportedly faulty in some implementations. Despite the buggy exploit code, attackers are still achieving successful compromises by chaining the vulnerabilities together.

The combination of path traversal and command injection creates a powerful attack chain. An attacker can:

1. Use path traversal to enumerate the system and identify targets
2. Leverage command injection to execute arbitrary code
3. Establish persistence for ongoing access

FortiSandbox appliances are particularly valuable targets because they handle suspicious files and network traffic for malware analysis. Compromising these systems could allow attackers to evade detection—a sandbox that reports files as clean becomes the perfect cover for malicious payloads.

Patch Status and Timeline

Fortinet addressed CVE-2026-39813 and CVE-2026-39808 in April 2026. CVE-2026-25089 was patched within one week of discovery, with fixes released before June 16, 2026.

Organizations running FortiSandbox should verify they're running patched firmware immediately. Given active exploitation, assume breach and hunt for indicators of compromise if patching was delayed.

Fortinet's Difficult Year

2026 has been challenging for Fortinet security teams. The company's products have faced sustained attacker attention:

• The FortiBleed campaign compromised tens of thousands of FortiGate firewalls through credential recycling
• Critical FortiClient EMS vulnerabilities landed on the CISA KEV catalog
• Multiple FortiManager and FortiAnalyzer patches addressed critical authentication bypasses

Fortinet devices remain prime targets because they sit at network perimeters and often have direct internet exposure. A compromised Fortinet appliance provides attackers with network visibility, traffic interception capabilities, and a pivot point into internal infrastructure.

Recommendations

1. Patch immediately if running FortiSandbox, FortiSandbox Cloud, or FortiSandbox PaaS
2. Audit management interface exposure—these interfaces should never be internet-accessible
3. Review FortiSandbox logs for unusual API calls, especially to JRPC endpoints
4. Check for unauthorized configuration changes or new admin accounts
5. Implement network segmentation to limit blast radius if sandbox is compromised
6. Monitor egress traffic from sandbox appliances for unexpected outbound connections

Why This Matters

Sandboxing technology exists to detect malicious files that evade signature-based detection. When the sandbox itself is compromised, attackers gain a powerful position: they can configure the system to pass their malware as benign, effectively blinding the organization's threat detection.

This represents a fundamental problem with security appliances as targets—they're trusted infrastructure that, when subverted, actively works against defenders. For organizations relying on FortiSandbox for malware analysis, these vulnerabilities warrant emergency patching priority.

The pattern of Fortinet vulnerabilities throughout 2026 suggests organizations should consider defense-in-depth strategies rather than relying on any single vendor's security stack. Similar concerns apply to other network security vendors—the recent Check Point VPN zero-day demonstrated how perimeter devices remain prime targets. Layered detection across multiple vendors and technologies provides resilience when one component is compromised.