Analysis and contextual insights are available on OpenCVE Cloud.
Vendor Solution
Upgrade to FortiSandbox version 5.0.3 or above Upgrade to FortiSandbox version 4.4.9 or above
Tracking
Sign in to view the affected projects.
No advisories yet.
| Link | Providers |
|---|---|
| https://fortiguard.fortinet.com/psirt/FG-IR-26-145 |
|
Tue, 14 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 14 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A exposure of resource to wrong sphere vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.3 through 4.4.8 may allow an unauthenticated attacker to access the VNC server of VMs performing scanning via network requests. | |
| First Time appeared |
Fortinet
Fortinet fortisandbox |
|
| Weaknesses | CWE-668 | |
| CPEs | cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* |
|
| Vendors & Products |
Fortinet
Fortinet fortisandbox |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: fortinet
Published:
Updated: 2026-07-14T15:55:23.469Z
Reserved: 2026-07-07T15:21:25.057Z
Link: CVE-2026-59835
Updated: 2026-07-14T15:55:20.974Z
No data.
No data.
OpenCVE Enrichment
No data.