Close Menu
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice

Subscribe to Updates

Get the latest creative news from FooBar about art, design and business.

What's Hot

CISA Mandates Urgent Patch for Actively Exploited Fortinet Flaws

July 17, 2026

Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat

July 17, 2026

US Launches Gold Eagle to Coordinate AI-Driven Vulnerability Managemen

July 17, 2026
Facebook X (Twitter) Instagram
Friday, July 17
Facebook X (Twitter) Instagram Pinterest Vimeo
Cyberwire Daily
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice
Cyberwire Daily
Home»News»CISA Mandates Urgent Patch for Actively Exploited Fortinet Flaws
News

CISA Mandates Urgent Patch for Actively Exploited Fortinet Flaws

Team-CWDBy Team-CWDJuly 17, 2026No Comments2 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
Share
Facebook Twitter LinkedIn Pinterest Email


Two vulnerabilities affecting Fortinet’s malware analysis and detection FortiSandbox have been exploited in the wild, the US Cybersecurity and Infrastructure Security Agency (CISA) has warned.

The vulnerabilities, tracked as CVE-2026-39808 and CVE-2026-25089 are both critical, with a severity rating (CVSS) of 9.1 each.

CISA added both to its Known Exploited Vulnerabilities (KEV) catalog on July 16, suggesting evidence of observed exploitation in the wild.

The agency urged rolling out patches across federal government by July 19.

ForitSandbox Exploits Can Lead to Execute Rogue Commands

CVE-2026-39808 was detected by Samuel de Lucas Maroto, a security researcher at KPMG Spain, and disclosed by Fortinet on April 14.

It is an operating system (OS) command injection vulnerability affecting Fortinet’s FortiSandbox versions 4.4.0 to 4.4.8.

When exploited, it allows an attacker to execute unauthorized code or commands via .

Fortinet has released a patch in FortiSandbox version 4.4.9.

The second bug, CVE-2026-25089, was initially identified by Adham El Karn, a security researcher within the Fortinet Product Security team, and  was disclosed by the cybersecurity firm on June 9.

It is an OS command injection vulnerability affecting Fortinet’s FortiSandbox versions 5.0.0 to 5.0.5, 4.4.0 to 4.4.8 and all 4.2 versions, FortiSandbox Cloud versions 5.0.4 to 5.0.5 and FortiSandbox PaaS versions 5.0.4 to 5.0.5.

When exploited, it allows an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests.

Fortinet has released a patch in FortiSandbox versions 4.4.9 and 5.0.6.

CISA required US federal agencies to apply mitigations and patches released by Fortinet.

For cloud-based services, agencies should discontinue using the product if mitigations are unavailable.

CISA has not confirmed whether these vulnerabilities have been used in ransomware campaigns.

Image credits: Piotr Swat / bluestork / Shutterstock.com



Source

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleProgress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat
Team-CWD
  • Website

Related Posts

News

Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat

July 17, 2026
News

US Launches Gold Eagle to Coordinate AI-Driven Vulnerability Managemen

July 17, 2026
News

Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages

July 17, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest News

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202523 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views

Why SOC Burnout Can Be Avoided: Practical Steps

November 14, 20259 Views

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

December 1, 20258 Views
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202523 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views
Our Picks

Why cybercriminals want to break into your email account

June 29, 2026

AI-powered financial scams swamp social media

September 11, 2025

What if your romantic AI chatbot can’t keep a secret?

November 18, 2025

Subscribe to Updates

Get the latest news from cyberwiredaily.com

Facebook X (Twitter) Instagram Pinterest
  • Home
  • Contact
  • Privacy Policy
  • Terms of Use
  • California Consumer Privacy Act (CCPA)
© 2026 All rights reserved.

Type above and press Enter to search. Press Esc to cancel.