CVE-2026-3342

High CVSS: 8.6

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface.

This vulnerability affects Fireware OS 11.9 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.7 and 2025.1 up to and including 2026.1.1.

Vendor

Watchguard

Product

Fireware

CWE

CWE-787

Yayın Tarihi

2026-03-03 14:15:56

Güncelleme

2026-03-04 19:42:25

Source Identifier

5d1c2695-1a31-4499-88ae-e847036fd7e3

KEV Date Added

Kategoriler

CWE-787 Fireware HIGH Watchguard 2026

Referanslar

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00003

Benzer Kayıtlar

Medium

CVE-2026-3343

A reflected cross-site scripting (XSS) vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript…

Medium

CVE-2026-3344

A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and…

Critical

CVE-2025-14733

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute ar…

Medium

CVE-2025-6946

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard…

Medium

CVE-2025-13939

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard…

Medium

CVE-2025-13940

An Expected Behavior Violation [CWE-440] vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fir…