Fireware Security Vulnerabilities and Issues — Fireware CVE List

Lucene search

WatchguardFireware

7 matches found

CVE•added 2022/02/24 3:15 p.m.•1212 views

CVE-2022-23176

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5....

9CVSS8.4AI score0.0696EPSS

In wild

CVE•added 2022/02/24 3:15 p.m.•98 views

CVE-2022-25293

A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8...

8.8CVSS8.9AI score0.03565EPSS

CVE•added 2022/02/24 3:15 p.m.•91 views

CVE-2022-25292

A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8...

8.8CVSS8.9AI score0.05763EPSS

CVE•added 2022/02/24 3:15 p.m.•80 views

CVE-2022-25290

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate private keys. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.

6.5CVSS6.4AI score0.00141EPSS

CVE•added 2022/02/24 3:15 p.m.•77 views

CVE-2022-25291

An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to trigger a heap-based buffer overflow and potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2...

8.8CVSS8.9AI score0.01923EPSS

CVE•added 2022/02/24 3:15 p.m.•77 views

CVE-2022-25360

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.

8.8CVSS8.6AI score0.00764EPSS

CVE•added 2022/02/24 3:15 p.m.•57 views

CVE-2022-25363

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to modify privileged management user credentials. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.

6.5CVSS6.3AI score0.00181EPSS