Integer overflow

2022-09-0619:15:00

PRIOn knowledge base

www.prio-n.com

watchguard

firebox

xtm

integer overflow

buffer overflow

remote attacker

arbitrary code

management ports

fireware os 12.8.1

12.5.10

12.1.4

9.8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.0%

JSON

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.

CPENameOperatorVersion
firewareeq12.8.0 u1
firewareeq12.7.2 u2
firewareeq12.7.1
firewareeq12.7.0 u1
firewareeq12.6.3
firewareeq12.6.4
firewareeq12.6.1 u3
firewareeq12.6.1 u1
firewarege12.2.0
firewarelt12.5.10

Name	Operator	Version
fireware	eq	12.8.0 u1
fireware	eq	12.7.2 u2
fireware	eq	12.7.1
fireware	eq	12.7.0 u1
fireware	eq	12.6.3
fireware	eq	12.6.4
fireware	eq	12.6.1 u3
fireware	eq	12.6.1 u1
fireware	ge	12.2.0
fireware	lt	12.5.10