SB2026071489 - Exposure of Resource to Wrong Sphere in FortiSandbox
Published: July 14, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Exposure of Resource to Wrong Sphere (CVE-ID: CVE-2026-59835)
CWE-ID: CWE-668 - Exposure of resource to wrong sphere
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote non-authenticated attacker to read, manipulate or delete data.
The vulnerability exists due to exposure of resource to wrong sphere on all interfaces. An unauthenticated attacker can access the VNC server of VMs performing scanning via network requests.
Remediation
Install update from vendor's website.