FortiSandbox and FortiOS: Attackers can bypass VPN authentication
Attackers can target Fortinet firewalls and other devices. Security updates are available for download.
(Image: FlashMovie / shutterstock.com)
Fortinet's network operating system FortiOS and its FortiSandbox security appliance are affected by several security flaws. According to the network equipment manufacturer, there are so far no indications that the flaws are being exploited in attacks.
Install security patches
If attackers exploit a vulnerability in FortiSandbox (CVE-2025-52436, rated "high"), they can inject script code of their choosing that runs in a victim's browser in the context of the web interface (cross-site scripting). According to the vulnerability description, no authentication is required for this.
Devices such as firewalls running FortiOS are affected by several software flaws. If LDAP authentication is set up in a particular way (unauthenticated binds are permitted), attackers can exploit a vulnerability (CVE-2026-22153, rated "high") to bypass the login for VPN access.
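The article gives no technical details of CVE-2026-22153 beyond the "unauthenticated binds" condition, so the following is an added illustration of the general mechanism behind that class of bug, not Fortinet's code or configuration. RFC 4513 section 5.1.2 defines a simple bind that carries a name but an empty password as an "unauthenticated" bind: a server that permits it answers with resultCode success but grants only anonymous authorization (the RFC says servers should reject such binds by default). A gateway that treats any successful bindResponse as proof that the password was correct can then be passed with a valid username and an empty password. The in-memory server, the user entry and the two login routines below are constructed for this example; a real deployment would talk to a real directory, but the checks in the hardened routine (never send an empty password, and verify that the bound session is authorized as the expected user rather than anonymous, as an RFC 4532 "Who am I?" request would report) carry over unchanged.

```python
"""Toy model of an LDAP simple bind and of a VPN gateway that relies on it.

Constructed example: the "server", the user record and the gateway logic
are all invented here to show why an LDAP server that accepts
unauthenticated binds (RFC 4513 section 5.1.2) lets a bind-based login
be bypassed with an empty password, and how a client should check for it.
"""
from dataclasses import dataclass

SUCCESS = 0                # LDAP resultCode success
INVALID_CREDENTIALS = 49   # LDAP resultCode invalidCredentials


@dataclass
class FakeLdapServer:
    """Minimal directory: maps a DN to its password.

    allow_unauthenticated_bind models the server-side setting that the RFC
    says should be off by default. When it is on, a bind with a DN and an
    empty password "succeeds" but yields only an anonymous session.
    """
    users: dict
    allow_unauthenticated_bind: bool = False

    def simple_bind(self, dn: str, password: str):
        """Return (resultCode, authorization identity of the session).

        An empty identity means the session is anonymous, which is what
        an RFC 4532 "Who am I?" request would report for it.
        """
        if dn == "" and password == "":
            return SUCCESS, ""            # anonymous bind (RFC 4513 5.1.1)
        if password == "":
            # Unauthenticated bind (RFC 4513 5.1.2): name given, no password.
            if self.allow_unauthenticated_bind:
                return SUCCESS, ""        # success, but the session is anonymous
            return INVALID_CREDENTIALS, ""
        if self.users.get(dn) == password:
            return SUCCESS, "dn:" + dn    # authenticated as this user
        return INVALID_CREDENTIALS, ""


def vpn_login_naive(server: FakeLdapServer, dn: str, password: str) -> bool:
    """Vulnerable pattern: treats "bind succeeded" as "password correct".

    Against a server that allows unauthenticated binds, a valid DN plus an
    empty password passes this check without knowing any password.
    """
    code, _ = server.simple_bind(dn, password)
    return code == SUCCESS


def vpn_login_hardened(server: FakeLdapServer, dn: str, password: str) -> bool:
    """Hardened pattern.

    1. Refuse to send an empty name or password at all, so the request can
       never turn into an anonymous or unauthenticated bind.
    2. After a successful bind, require that the session is authorized as
       the user we asked for; an anonymous session is not a login.
    """
    if not dn or not password:
        return False
    code, authz_id = server.simple_bind(dn, password)
    if code != SUCCESS:
        return False
    return authz_id == "dn:" + dn


# Constructed directory contents for the demonstration.
ALICE = "cn=alice,dc=example,dc=com"
LAX_SERVER = FakeLdapServer({ALICE: "s3cret"}, allow_unauthenticated_bind=True)
STRICT_SERVER = FakeLdapServer({ALICE: "s3cret"}, allow_unauthenticated_bind=False)

if __name__ == "__main__":
    print("naive login, lax server, empty password:",
          vpn_login_naive(LAX_SERVER, ALICE, ""))          # True: bypass
    print("hardened login, lax server, empty password:",
          vpn_login_hardened(LAX_SERVER, ALICE, ""))       # False
    print("hardened login, lax server, right password:",
          vpn_login_hardened(LAX_SERVER, ALICE, "s3cret")) # True
```

The server-side fix is the complementary half: configure the directory so that unauthenticated binds fail with invalidCredentials, as RFC 4513 recommends, so that even a client with the naive check cannot be bypassed this way.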
Among other things, attackers can also execute commands of their choosing (CVE-2025-64157, rated "medium"), but only if they already hold administrator privileges.
Fortinet has published further information on the patched vulnerabilities in the security section of its website.
(des)