CISA Patch Deadline Hits Today as Hackers Exploit Critical Fortinet FortiSandbox Flaws

CISA Patch Deadline Hits Today as Hackers Exploit Critical Fortinet FortiSandbox Flaws

CISA Patch Deadline Hits Today as Hackers Exploit Critical Fortinet FortiSandbox Flaws

CISA gave federal agencies until today, July 19, to fix two critical Fortinet FortiSandbox flaws that attackers are already exploiting. The bugs, tracked as CVE-2026-39808 and CVE-2026-25089, both carry a CVSS score of 9.1 and let outside attackers run commands on the appliance without a password.

A padlock symbolizing the urgent need to lock down vulnerable network appliances

The U.S. Cybersecurity and Infrastructure Security Agency added both flaws to its Known Exploited Vulnerabilities (KEV) catalog on July 16. Inclusion means CISA has evidence the bugs are being attacked in the wild. For federal civilian agencies, the listing triggers a hard deadline under Binding Operational Directive 26-04: patch by today or pull the product offline if it can't be secured.

Fortinet, for its part, has not confirmed public exploitation. The company told The Register it had nothing to add and did not answer questions about the in-the-wild activity. That gap between a vendor's silence and a government's alarm is now a familiar pattern in the race to patch edge devices.

What the two flaws actually do

Both are OS command injection bugs (CWE-78). An unauthenticated attacker sends a specially crafted HTTP request and slips shell commands past FortiSandbox's input checks. The commands run with system-level privileges. No valid login is needed. No user has to click anything.

CVE-2026-39808 lives in the /fortisandbox/job-detail/tracer-behavior endpoint. Researchers found they could stuff shell metacharacters into the "jid" parameter, which the appliance then hands to an underlying operating-system process without sanitizing it. A follow-up request to a text file confirms the command ran. Fortinet fixed this one in April, in version 4.4.9, after KPMG Spain researcher Samuel de Lucas Maroto reported it under responsible disclosure.

CVE-2026-25089 affects FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS. Fortinet shipped its fix in June. Like its sibling, it needs no credentials and travels over a crafted HTTP request.

Attackers are already probing

The exploitation isn't theoretical. Security firm Defused said it watched attack attempts against both flaws this week, alongside a third FortiSandbox bug, CVE-2026-39813. Defused described the exploit aimed at CVE-2026-25089 as "vibecoded" and likely broken, and said it has yet to see a working public version.

CrowdSec paints a busier picture for CVE-2026-39808. The company released a detection rule on June 17 and saw the first in-the-wild attempts that same day. As of its report, the CrowdSec network was tracking 49 unique malicious IP addresses probing internet-exposed appliances. A working proof-of-concept sits on GitHub, and a Nuclei scanner template lets anyone check for the bug with a single command.

That combination — a public exploit, a scanner template, and live probing — is exactly what turns a quiet flaw into a mass-scanning campaign. Third-party threat intel has already reported the FortiSandbox bugs being chained to reach unauthenticated, root-level code execution on financial and critical-infrastructure systems.

A network switch rack, where security appliances like FortiSandbox sit inside enterprise data centers

Why a sandbox bug frightens defenders

FortiSandbox is supposed to be the safe place. It takes suspicious files and links from firewalls, mail gateways, and endpoints, then detonates them in isolation to catch zero-day malware before it reaches users. Security teams trust it with broad visibility across the network.

A command injection flaw in that box is a worst-case scenario. Gaining code execution there is like breaking into the bomb-disposal lab: the attacker lands on a trusted appliance wired into the rest of the security stack. From that foothold they can pivot deeper, steal data, or quietly disable the very defenses meant to catch them.

"Patching is the only complete fix," CrowdSec's write-up notes. There is no configuration tweak that removes the underlying flaw.

Who is affected, and what to do

FortiSandbox versions 4.4.0 through 4.4.8 carry CVE-2026-39808. Fortinet says version 5.0 is not affected, and FortiSandbox PaaS 5.0 needs no action. The fix is to upgrade to 4.4.9 or later.

For defenders who cannot patch immediately, CISA's directive is blunt: evaluate each asset's internet exposure and either mitigate per the vendor's guidance or stop using the product. Concrete steps include keeping the management interface off the public internet, putting a web application firewall in front of the appliance, and blocking the IPs already seen attacking CrowdSec's network.

The third bug, CVE-2026-39813, lets an attacker bypass authentication through the FortiSandbox JRPC API. Fortinet bundled fixes for it and CVE-2026-39808 in a Tuesday batch of 26 advisories covering 27 vulnerabilities. That same release also patched CVE-2026-22828, a high-severity buffer overflow in FortiAnalyzer Cloud, though Fortinet says its exploit would take heavy prep work because of address-space randomization and network segmentation.

Part of a wider edge-appliance problem

FortiSandbox is far from the only security product attackers have targeted this year. Edge devices — firewalls, VPN gear, and analysis appliances sitting at the network's border — keep drawing fire because they face the internet by design and hold keys to the inside.

The Register noted that state-backed hackers hammered a Palo Alto firewall zero-day before its patch landed. Ivanti and ServiceNow gear has drawn the same attention. Each case follows the same script: a flaw in a trusted border device, a short window before exploits spread, and defenders racing to patch before automated scanners arrive.

CISA's KEV catalog now lists 1,647 entries. The agency refreshes it constantly, and each addition carries a due date. Today's FortiSandbox deadline is one of dozens queued this month. The SharePoint Server bug CVE-2026-58644, a 9.8-rated deserialization flaw, shares the same July 19 due date after Microsoft warned it could be reached over the internet with little effort.

The bottom line for security teams

If your organization runs FortiSandbox, check the version now. Anything on 4.4.0 through 4.4.8 needs the 4.4.9 upgrade. Agencies under BOD 26-04 are out of time as of today. Everyone else should treat the public exploit and live scanning as reason enough to move this week.

The lesson repeats: a device built to handle hostile input is still just software, and software breaks. When that software sits at the heart of your defenses, a single command-injection bug can undo the whole stack. Patch the sandbox, keep it off the internet, and watch the logs.

Read the full KEV entry and remediation guidance at the CISA Known Exploited Vulnerabilities catalog, and see The Register's reporting for the timeline of discovery and disclosure. For more on this beat, browse our Cybersecurity coverage and related Cloud & Edge Computing reporting.

← Back to Home