CVE-2025-46215 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-46215

CWE

https://cwe.mitre.org/data/definitions/653.html

An Improper Isolation or Compartmentalization vulnerability [CWE-653] in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an unauthenticated attacker to evade the sandboxing scan via a crafted file.

Weakness

The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.

Affected Software

Name	Vendor	Start Version	End Version
Fortisandbox	Fortinet	4.0.0 (including)	4.4.8 (excluding)
Fortisandbox	Fortinet	5.0.0 (including)	5.0.2 (excluding)

Potential Mitigations

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-501