Browsing Tag

CVE-2026-25089

1 post

Coverage of CVE-2026-25089, the FortiSandbox second-order OS command injection vulnerability affecting FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS.

FortiSandbox Exploits Put Fortinet Appliances on a Patch Clock

Attackers are probing three critical FortiSandbox vulnerabilities that can expose Fortinet malware-analysis appliances to authentication bypass and command execution. Security teams should verify FortiSandbox 4.4 and 5.0 patch levels, check whether management interfaces are reachable, and review logs for exploit attempts rather than treating the April and June fixes as routine maintenance.