WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HWatchguard Fireware
OSWatchguard12.1.312.5.712.7.212.0.0 – 12.1.3 (bez)12.2.0 – 12.5.7 (bez)
CISA KEV — detailsi
- Vendori
- WatchGuard
- Producti
- Firebox and XTM
- Added to KEVi
- April 11, 2022
- Remediation deadline (US Federal)i
- May 2, 2022(overdue)
Apply updates per vendor instructions.
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.
Related vulnerabilities
RCE bez uwierzytelnienia w WatchGuard Fireware OS – podatność IKEv2 VPN
RCE przez Out-of-bounds Write w WatchGuard Fireware OS (IKEv2 VPN)
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. T...
An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trig...
WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from ...