Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
FortiSandbox Vulnerability Exposes VNC Servers

FortiSandbox Vulnerability Exposes VNC Servers

Posted on July 14, 2026 By CWS

Fortinet has announced a significant security vulnerability within its FortiSandbox product that could permit unauthorized access to the virtual machine VNC servers used in malware scanning processes. Identified as CVE-2026-59835, this vulnerability is rated with a CVSSv3 score of 7.7, indicating its high severity.

Details of the Vulnerability

The flaw is categorized under CWE-668 as an Exposure of Resource to Wrong Sphere. It enables attackers to craft specific network requests that grant access to the VNC server linked with scanning virtual machines, bypassing any credential requirements. This presents a risk of information exposure due to the low complexity required for executing the attack and the absence of user interaction.

FortiSandbox’s design, which utilizes isolated virtual machines for the purpose of safely detonating and analyzing suspicious files, is compromised by this vulnerability. Unauthorized access to these VNC servers could allow attackers to observe or manipulate the sandboxed environments, jeopardizing the integrity of malware analysis efforts and potentially exposing sensitive data.

Versions Affected and Mitigation Measures

Specific versions of FortiSandbox are impacted. FortiSandbox version 5.0, specifically builds 5.0.0 through 5.0.2, requires an upgrade to version 5.0.3 or later. Similarly, version 4.4 builds 4.4.3 through 4.4.8 should be updated to 4.4.9 or above. It is important to note that FortiSandbox PaaS deployments remain unaffected, so no action is necessary for those users.

However, organizations using the on-premises hardware models FSA-500G and FSA-1500G are urged to apply patches promptly to mitigate potential risks. Fortinet has recognized the INPS security team for their role in discovering and responsibly disclosing this vulnerability in accordance with the company’s coordinated disclosure protocol.

Recent Security Concerns with FortiSandbox

This vulnerability disclosure is part of a series of security issues Fortinet has tackled within the FortiSandbox platform this year. Previous vulnerabilities include a critical OS command injection flaw (CVE-2026-25089) with a CVSS score of 9.1, and a missing authorization issue in the Web UI, both of which also allowed remote, unauthenticated attackers to compromise the system.

As of the advisory FG-IR-26-145 published on July 14, 2026, there have been no reports of this latest vulnerability being exploited in live environments. Organizations are advised to stay vigilant and ensure their systems are updated to protect against these threats.

To enhance your security operations center (SOC) capabilities, consider integrating advanced tools like ANY.RUN for accelerated threat detection and rapid investigations.

Cyber Security News Tags:CVE-2026-59835, Cybersecurity, Fortinet, FortiSandbox, information disclosure, malware analysis, network security, security patch, VNC servers, vulnerability management

Post navigation

Previous Post: Hackers Use Fake OAuth IDs to Target Entra ID Users
Next Post: AsyncAPI npm Packages Compromised, 2M Downloads Affected

Related Posts

JLR Confirms Phased Restart of Operations Following Cyber Attack JLR Confirms Phased Restart of Operations Following Cyber Attack Cyber Security News
Cybersecurity News Weekly Newsletter – Fortinet, Chrome 0-Day Flaws, Cloudflare Outage and Salesforce Gainsight Breach Cybersecurity News Weekly Newsletter – Fortinet, Chrome 0-Day Flaws, Cloudflare Outage and Salesforce Gainsight Breach Cyber Security News
Apache Struts Vulnerability Let Attackers Trigger Disk Exhaustion Attacks Apache Struts Vulnerability Let Attackers Trigger Disk Exhaustion Attacks Cyber Security News
ZAP Enhances Security with OWASP PTK Add-On ZAP Enhances Security with OWASP PTK Add-On Cyber Security News
Preventing OAuth Consent Abuse in Entra ID Preventing OAuth Consent Abuse in Entra ID Cyber Security News
Microsoft Exchange Online Service Down Microsoft Exchange Online Service Down Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • AsyncAPI npm Packages Compromised, 2M Downloads Affected
  • FortiSandbox Vulnerability Exposes VNC Servers
  • Hackers Use Fake OAuth IDs to Target Entra ID Users
  • Microsoft Addresses Record 622 Vulnerabilities, Including Two Critical Zero-Days
  • Tego AI Exposes Potential Risks in Claude Tag Integration

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • AsyncAPI npm Packages Compromised, 2M Downloads Affected
  • FortiSandbox Vulnerability Exposes VNC Servers
  • Hackers Use Fake OAuth IDs to Target Entra ID Users
  • Microsoft Addresses Record 622 Vulnerabilities, Including Two Critical Zero-Days
  • Tego AI Exposes Potential Risks in Claude Tag Integration

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark