No analysis available yet.
Vendor Solution
Upgrade to FortiSandbox version 5.0.3 or above Upgrade to FortiSandbox version 4.4.9 or above
Tracking
Sign in to view the affected projects.
No advisories yet.
| Link | Providers |
|---|---|
| https://fortiguard.fortinet.com/psirt/FG-IR-26-145 |
|
Tue, 14 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 14 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A exposure of resource to wrong sphere vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.3 through 4.4.8 may allow an unauthenticated attacker to access the VNC server of VMs performing scanning via network requests. | |
| First Time appeared |
Fortinet
Fortinet fortisandbox |
|
| Weaknesses | CWE-668 | |
| CPEs | cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* |
|
| Vendors & Products |
Fortinet
Fortinet fortisandbox |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: fortinet
Published:
Updated: 2026-07-14T15:55:23.469Z
Reserved: 2026-07-07T15:21:25.057Z
Link: CVE-2026-59835
Updated: 2026-07-14T15:55:20.974Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-14T17:15:03Z
-
CWE-668
Exposure of Resource to Wrong Sphere