Three FortiSandbox CVEs Chained for Unauthenticated Root Execution

Defused confirmed active exploitation of CVE-2026-39813 and CVE-2026-39808 in FortiSandbox, chained with CVE-2026-25089 to deliver unauthenticated root code execution across seven financial and critical infrastructure deployments.

    Threat intelligence firm Defused confirmed active exploitation of two critical vulnerabilities in Fortinet’s FortiSandbox cyber threat detection platform on June 16. The two newly confirmed exploited flaws — CVE-2026-39813 and CVE-2026-39808 — are being chained with the previously reported CVE-2026-25089 in a sequence that achieves unauthenticated root code execution in practice, a more severe outcome than any individual CVE score suggests. Defused observed intrusion artifacts in at least seven FortiSandbox deployments across North American and European financial services and critical infrastructure sectors. CISA KEV addition is expected imminently.

    The Three-CVE Chain: File Read to Root Code Execution Without Authentication

    The chained exploit sequence begins with CVE-2026-39813, a pre-authentication path traversal in the FortiSandbox management interface that allows an unauthenticated attacker to read arbitrary files from the appliance filesystem — including the FortiSandbox configuration database. Attackers use this file-read capability to extract local admin credentials stored in the configuration database.

    With those stolen credentials in hand, the attacker authenticates to the web management interface and delivers the CVE-2026-25089 RCE payload as an authenticated administrator action. CVE-2026-25089, rated CVSS 9.8, is an unauthenticated remote code execution vulnerability previously reported on June 11; the chained attack partially bypasses the authentication prerequisite documented in Fortinet’s original advisory by supplying credentials extracted in the prior step. CVE-2026-39808, a privilege escalation flaw, is then applied to escalate the resulting access to root.

    The complete chain — CVE-2026-39813 (file read) → credential extraction from config DB → CVE-2026-25089 (authenticated RCE using stolen credentials) + CVE-2026-39808 (privilege escalation to root) — results in unauthenticated root code execution in practice across unpatched FortiSandbox deployments.

    CVE-2026-39813: Path Traversal Enabling Arbitrary File Read

    CVE-2026-39813 is the entry point of the chain. The path traversal flaw in FortiSandbox’s management interface requires no valid credentials and no user interaction. By sending a specially crafted HTTP request, an attacker can read arbitrary files from the appliance filesystem. The configuration database, which is readable via this path, contains local admin credentials in a form attackers can extract and use to authenticate. This transforms a file-read vulnerability into an authentication bypass in the context of the broader chain.

    CVE-2026-39808: Privilege Escalation Completing Root Access

    CVE-2026-39808 is a privilege escalation flaw chained after the attacker has achieved code execution via CVE-2026-25089. It elevates the attacker’s access to root on the underlying system. The combination of code execution and root privilege gives the attacker unrestricted control over the FortiSandbox appliance, including the ability to manipulate analysis verdicts returned to dependent Fortinet security products.

    Why FortiSandbox Compromise Blinds the Security Products That Depend on It

    FortiSandbox is a cyber threat detection platform deployed by enterprises to analyze suspicious files and network traffic in an isolated environment before other systems act on them. When FortiSandbox returns a clean verdict, dependent Fortinet products — firewalls, endpoint agents, email security tools — treat that verdict as authoritative and allow the file to proceed.

    An attacker with root access to FortiSandbox can influence or manipulate the platform’s analysis output. Files submitted for analysis could be configured to receive clean verdicts regardless of their actual content. The dependent products consuming those verdicts have no independent ability to detect the manipulation, creating a gap in threat detection that other tools cannot close.

    Seven Confirmed Compromises Across Financial Services and Critical Infrastructure

    Defused confirmed intrusion artifacts in at least seven FortiSandbox deployments spanning North American and European financial services institutions and critical infrastructure operators. These are environments where the integrity of security verdict systems is operationally critical — compromise of the analysis platform itself is among the highest-impact outcomes an attacker targeting these sectors can achieve.

    Patch: FortiSandbox 5.4.3

    Fortinet released patches for all three CVEs in the FortiSandbox 5.4.3 update. Organizations running any version prior to 5.4.3 remain exposed to the full three-CVE chain. FortiSandbox administrators should apply the 5.4.3 update immediately and review platform audit logs for signs of unauthorized file access or configuration changes.
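    As an added defender-side example (not code from the article, Defused or Fortinet), the snippet below covers the two actionable points in this post: it flags FortiSandbox builds older than the 5.4.3 fix release, and it scans web-access log lines for the kind of directory-traversal request that CVE-2026-39813 relies on, including percent- and double-percent-encoded forms. The log format, client addresses and request paths are constructed for illustration; the article does not name the vulnerable endpoint or the real appliance log format, so the check matches any decoded `..` component rather than a specific path.

```python
# Added example (not from the article, Defused or Fortinet). Log format, client
# addresses and request paths below are constructed; the real endpoint is unknown.
import re
from urllib.parse import unquote

FIXED_VERSION = (5, 4, 3)  # FortiSandbox 5.4.3 fixes all three CVEs (per the article)

def parse_version(text: str) -> tuple:
    """Turn '5.4.2' or 'v5.4.2 build0123' into a comparable tuple of ints."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(x) for x in m.groups())

def version_exposed(text: str) -> bool:
    """True when the appliance build is older than the patched release."""
    return parse_version(text) < FIXED_VERSION

def normalise_path(raw: str) -> str:
    """Percent-decode up to twice (catches %252e double encoding); unify slashes."""
    path = raw
    for _ in range(2):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")

def is_traversal(raw_path: str) -> bool:
    """Suspicious when any decoded path/query component is a bare '..' segment."""
    return ".." in re.split(r"[/?&=]", normalise_path(raw_path))

# Combined-log-style lines: client ... "METHOD path proto" status ...
LOG_RE = re.compile(r'^(\S+) .*?"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')

def find_traversal_requests(lines):
    """Return (client, path, status) for each access-log line showing traversal."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_traversal(m.group("path")):
            hits.append((m.group(1), m.group("path"), int(m.group("status"))))
    return hits

SAMPLE_LOG = [  # constructed for illustration, not real FortiSandbox output
    '203.0.113.5 - - [16/Jun/2026:10:01:02 +0000] "GET /login HTTP/1.1" 200 512',
    '203.0.113.5 - - [16/Jun/2026:10:01:09 +0000] "GET /api/../../../etc/passwd HTTP/1.1" 200 1407',
    '198.51.100.7 - - [16/Jun/2026:10:02:11 +0000] "GET /static/%252e%252e/%252e%252e/CONFIG_DB_PLACEHOLDER HTTP/1.1" 200 98304',
    '192.0.2.9 - - [16/Jun/2026:10:03:30 +0000] "POST /api/settings HTTP/1.1" 302 0',
]
```

    A traversal request that returned a 200 with a non-trivial byte count is the one worth treating as a possible credential-extraction attempt and, per the article, as a reason to rotate local admin credentials after patching.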

    Fortinet has not yet added the new exploitation data to its PSIRT advisory. Given that Defused has confirmed active exploitation at seven sites and CISA KEV addition is expected imminently, the operational urgency is independent of Fortinet’s advisory timeline.
