CISA has ordered U.S. federal agencies to urgently patch two actively exploited critical vulnerabilities in Fortinet FortiSandbox, tracked as CVE-2026-39808 and CVE-2026-25089. Fortinet and Defused reported that attackers are already abusing the flaws in the wild, allowing unauthenticated remote code execution through low-complexity command injection attacks. #Fortinet #FortiSandbox #CVE-2026-39808 #CVE-2026-25089 #CISA
Keypoints
- CISA added two FortiSandbox flaws to its known exploited vulnerabilities catalog.
- The affected vulnerabilities are CVE-2026-39808 and CVE-2026-25089.
- Fortinet says the issues can allow unauthenticated remote code execution.
- Admins must upgrade all affected FortiSandbox deployments to the latest versions.
- Federal agencies must patch the vulnerabilities by Sunday, July 19.