CVE-2026-59835: Information disclosure in Fortinet FortiSandbox
A exposure of resource to wrong sphere vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.3 through 4.4.8 may allow an unauthenticated attacker to access the VNC server of VMs performing scanning via network requests.
AI Analysis
Technical Summary
CVE-2026-59835 affects Fortinet FortiSandbox versions 5.0.0 through 5.0.2 and 4.4.3 through 4.4.8. The vulnerability arises from an exposure of a resource to an incorrect security sphere, enabling unauthenticated attackers to access the VNC server of scanning VMs through network requests. This can lead to high confidentiality impact, limited integrity impact, and limited availability impact. The vulnerability has a CVSS 3.1 base score of 7.7, indicating high severity. An official fix is available from the vendor.
Potential Impact
An unauthenticated attacker can remotely access the VNC server of virtual machines used by FortiSandbox for scanning, potentially exposing sensitive information. The confidentiality impact is high, while integrity and availability impacts are low to moderate. This could allow attackers to observe or interact with scanning VMs, leading to information disclosure.
Mitigation Recommendations
An official fix is available for this vulnerability. Users should apply the vendor-provided patches to affected FortiSandbox versions to remediate the issue. Since the product is not a cloud service, remediation requires updating the affected software versions.
CVE-2026-59835: Information disclosure in Fortinet FortiSandbox
Description
A exposure of resource to wrong sphere vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.3 through 4.4.8 may allow an unauthenticated attacker to access the VNC server of VMs performing scanning via network requests.
CVSS v3.1
Score 7.7high
Affected software
cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-59835 affects Fortinet FortiSandbox versions 5.0.0 through 5.0.2 and 4.4.3 through 4.4.8. The vulnerability arises from an exposure of a resource to an incorrect security sphere, enabling unauthenticated attackers to access the VNC server of scanning VMs through network requests. This can lead to high confidentiality impact, limited integrity impact, and limited availability impact. The vulnerability has a CVSS 3.1 base score of 7.7, indicating high severity. An official fix is available from the vendor.
Potential Impact
An unauthenticated attacker can remotely access the VNC server of virtual machines used by FortiSandbox for scanning, potentially exposing sensitive information. The confidentiality impact is high, while integrity and availability impacts are low to moderate. This could allow attackers to observe or interact with scanning VMs, leading to information disclosure.
Mitigation Recommendations
An official fix is available for this vulnerability. Users should apply the vendor-provided patches to affected FortiSandbox versions to remediate the issue. Since the product is not a cloud service, remediation requires updating the affected software versions.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- fortinet
- Date Reserved
- 2026-07-07T15:21:25.057Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- official-fix
Threat ID: 6a565a3d68715ace43c7b73a
Added to database: 07/14/2026, 15:48:13 UTC
Last enriched: 07/14/2026, 16:05:04 UTC
Last updated: 07/15/2026, 01:30:00 UTC
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.