Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April
ID: a7089b3e-3f35-5a25-b870-6d2f3e5cbfab
STIX ID: report--a7089b3e-3f35-5a25-b870-6d2f3e5cbfab
Feed Name: CyberScoop
Threat Score
Researchers have observed active exploitation of critical FortiSandbox vulnerabilities (CVE-2026-39808 and CVE-2026-39813) since June, with additional exploitation attempts targeting CVE-2026-25089. Multiple operators from several countries were observed conducting dozens of exploitation events and reconnaissance, and the affected sandbox appliance is high-value because it connects to other Fortinet devices and can grant elevated access in security-sensitive environments.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
