CNNVD-202511-2035 Information
CNNVD ID
CNNVD-202511-2035
Related CVE
- CNNVD Published: 2025-11-18
Description (Chinese)
Fortinet FortiSandbox是美国飞塔(Fortinet)公司的一款APT(高级持续性威胁)防护设备。该设备提供双重沙盒技术、动态威胁智能系统、实时控制面板和报告等功能。 Fortinet FortiSandbox存在安全漏洞,该漏洞源于隔离不当,可能导致攻击者通过特制文件绕过沙箱扫描。以下版本受到影响:5.0.0版本至5.0.1版本、4.4.0版本至4.4.7版本、4.2所有版本和4.0所有版本。
Description (English)
Fortinet FortiSandbox is an APT (Advanced Continuing Threat) protection unit of Fortinet. The equipment provides dual sandbox technology, dynamic threat intelligence systems, real-time control panels and reporting. Fortinet FortiSandbox has a security loophole, which stems from inappropriate isolation and may lead the assailants to bypass the sandbox through a specially designed document. The following versions were affected: 5.0.0 to 5.0.1, 4.4.0 to 4.4.7, 4.2 and 4.0 respectively.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
飞塔
Published
2025-11-18
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-24-501 https://access.redhat.com/security/cve/cve-2025-46215
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-24-501
Share on: