HIGH🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2022-23176

CVSS 8.8v3.1pub. 2022-02-24upd. 2025-11-03

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Watchguard Fireware

    OS
    Watchguard
    12.1.312.5.712.7.212.0.0 – 12.1.3 (bez)12.2.0 – 12.5.7 (bez)

CISA KEV — detailsi

Vendori
WatchGuard
Producti
Firebox and XTM
Added to KEVi
April 11, 2022
Remediation deadline (US Federal)i
May 2, 2022(overdue)
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 2 maja 2022
CWE
References

Related vulnerabilities

CVE-2025-14733CRITICAL9.3⚠ KEVPL ✓ten sam produkt

RCE bez uwierzytelnienia w WatchGuard Fireware OS – podatność IKEv2 VPN

CVE-2025-9242CRITICAL9.3⚠ KEVPL ✓ten sam produkt

RCE przez Out-of-bounds Write w WatchGuard Fireware OS (IKEv2 VPN)

CVE-2022-26318CRITICAL9.8⚠ KEVten sam produkt

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. T...

CVE-2022-31789CRITICAL9.8ten sam produkt

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trig...

CVE-2022-25361CRITICAL9.1ten sam produkt

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from ...