CVE-2026-3344

Medium CVSS: 6.9

A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and maintain limited persistence via a maliciously-crafted firmware update package.This issue affects Fireware OS 12.0 up to and including 12.11.7, 12.5.9 up to and including 12.5.16, and 2025.1 up to and including 2026.1.1.

Vendor

Watchguard

Product

Fireware

CWE

CWE-440

Yayın Tarihi

2026-03-03 14:15:57

Güncelleme

2026-03-04 19:19:41

Source Identifier

5d1c2695-1a31-4499-88ae-e847036fd7e3

KEV Date Added

Kategoriler

CWE-440 Fireware MEDIUM Watchguard 2026

Referanslar

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00005

Benzer Kayıtlar

Medium

CVE-2026-3343

A reflected cross-site scripting (XSS) vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript…

High

CVE-2026-3342

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to ex…

Critical

CVE-2025-14733

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute ar…

Medium

CVE-2025-6946

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard…

Medium

CVE-2025-13939

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard…

Medium

CVE-2025-13940

An Expected Behavior Violation [CWE-440] vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fir…