The Point: FortiSandbox allows unauthenticated remote attackers to execute operating system commands — patches required.
A vulnerability in Fortinet FortiSandbox enables remote attackers to execute arbitrary operating system commands. CERT-Bund has rated the vulnerability as critical.
The vulnerability exists in Fortinet FortiSandbox and allows a remote, anonymous attacker to execute operating system commands. CERT-Bund has classified this vulnerability as critical (WID-SEC-2026-1836).
FortiSandbox is a sandbox solution for isolating and detonating suspicious files, commonly deployed in mail gateways and security appliances. Remote execution of operating system commands without authentication on this component represents potential full access to the sandbox infrastructure and possibly side-channel attacks to other systems in the network.
CISOs should immediately verify which FortiSandbox instances are running in their infrastructure, consult the CERT-Bund advisory (WID-SEC-2026-1836), and apply security patches from Fortinet. Until then, access to the affected component should be restricted at the network level.
Source: wid.cert-bund.de · Published June 10, 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.6.5.