Dateline: July 17, 2026
The tool that inspects your suspicious files just became the suspicious file
CISA ordered federal agencies on Thursday to patch two critical vulnerabilities in Fortinet’s FortiSandbox platform. The deadline is Sunday, July 19. That is roughly 72 hours from the order landing.
Attackers are already inside the window.
What Happened?
CISA added CVE-2026-25089 and CVE-2026-39808 to its Known Exploited Vulnerabilities catalog on July 16, confirming both are under active attack. Binding Operational Directive 26-04 forces Federal Civilian Executive Branch agencies to remediate KEV entries fast, and this one carries a July 19 cutoff.
Both flaws let an unauthenticated attacker run commands on the box. No login. No user clicking anything. Low complexity. Fortinet rated both at CVSS 9.1 in its PSIRT advisories, though Fortinet’s own CNA record lists CVE-2026-25089 at 9.8. NVD has not published its own score.
Fortinet shipped fixes on April 14 and June 9 respectively. So the patches have been sitting there.
The exploitation report came first from threat intelligence firm Defused, which posted on June 16 that it had watched attacks against multiple FortiSandbox bugs over the previous 24 hours. Defused named three: CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089. The firm flagged the CVE-2026-25089 attempts as looking like a hastily built exploit, possibly a broken one. CISA picked up two of the three.
Fortinet has not tagged either flaw as exploited on its own advisories, and did not respond to press questions about in the wild activity.
Affected builds run FortiSandbox 4.4.0 through 4.4.8 and 5.0.0 through 5.0.5, including Cloud and PaaS deployments. CVE-2026-25089 reportedly lives in the “start VNC” function of the web UI, where shell metacharacters can be injected through JSON in an HTTP request.
The Impact
FortiSandbox is not a side system. It is the appliance that detonates unknown files and decides whether they are safe. An attacker with command execution on it can flip verdicts, watch every sample your network submits, and sit in a place nobody thinks to check. It also tends to be trusted. Sandboxes talk to mail gateways, firewalls, and endpoint tooling, which makes the appliance a comfortable pivot point.
The pattern here is not new. CISA now tracks 28 Fortinet vulnerabilities exploited in the wild, and 13 of them have shown up in ransomware attacks. In February, Fortinet patched a critical SQL injection flaw in FortiClient EMS, CVE-2026-21643, that Defused later confirmed was being exploited. Two months after that came CVE-2025-61624, a path traversal bug in the same family.
Federal agencies have a deadline. Everyone else has the same exposure and no clock.
How to Avoid This
Patch now. Move FortiSandbox to 4.4.9 or later, or 5.0.6 or later, depending on your branch. Cloud and PaaS should be on 5.0.6 or later. If your CNA record shows 4.2 as affected, contact Fortinet, because the advisory does not list a 4.2 fix.
- Patch CVE-2026-39813 while you are in there. It was fixed in April and is still open on plenty of production systems.
- If you cannot patch today, pull the management interface off untrusted networks and restrict it to a short list of admin hosts.
- Then assume you were hit. Pull management access logs, look for unexpected config changes, failed login spikes, and outbound traffic the appliance has no reason to send. Image the system before you touch it if you can.
- Scan for shadow instances. Staging, QA, and backup copies of security appliances rarely make it into the CMDB.