The U.S. Cybersecurity and Infrastructure Security Agency ordered federal agencies to patch or isolate FortiSandbox systems by Sunday, July 19, 2026 [4].

This emergency directive follows reports that attackers are actively exploiting critical vulnerabilities to gain root access to security appliances. Because these systems are used to verify the safety of files, a compromise could allow attackers to manipulate security verdicts and bypass network defenses.

CISA identified two critical command-injection vulnerabilities being targeted in the wild [3]. These are tracked as CVE-2026-39808 [1] and CVE-2026-25089 [1]. The flaws allow an unauthenticated user to execute arbitrary commands on the appliance, effectively granting the attacker full control over the system [5].

The agency issued the order on Thursday, July 17, 2026 [5], giving government data centers and networks a narrow window to secure their infrastructure. CISA has added these bugs to its Known Exploited Vulnerabilities catalog to signal the immediate risk to the public sector [6].

Federal agencies must either apply the available patches from Fortinet, or isolate the affected systems from the network to prevent further exploitation. The urgency of the Sunday deadline reflects the high risk of a trust chain collapse within government security architectures [2].

Failure to remediate these flaws could allow malicious actors to maintain a persistent presence within federal networks. By gaining root access, attackers can potentially hide their activities or use the sandbox as a jumping-off point to attack other internal systems [2].

Attackers are actively exploiting critical vulnerabilities to gain root access to security appliances.

The targeting of a security product like FortiSandbox is particularly dangerous because these tools are designed to be the 'final word' on whether a file is malicious. When an attacker gains root access to the sandbox, they can force the system to mark malware as safe, effectively blinding the rest of the network's security layers. The extremely short patching window imposed by CISA indicates that the exploitation is likely widespread or being used in high-value targeted attacks against the U.S. government.