Btaol

Name of the Vulnerable Software and Affected Versions WatchGuard Firebox systems with Fireware OS versions 12.6.1 through 12.11.8 and 2025.1 through 2026.1.2 Description A path traversal vulnerability exists in the Fireware OS Web UI. A privileged, authenticated remote attacker may be able to execute arbitrary code with elevated system process privileges. Recommendations Update Fireware OS to a version later than 12.11.8. Update Fireware OS to a version later than 2026.1.2.

**Name of the Vulnerable Software and Affected Versions** WatchGuard Fireware OS versions 12.1 through 12.11.8 WatchGuard Fireware OS versions 2025.1 through 2026.1.2 **Description** An Insecure Deserialization issue exists in WatchGuard Fireware OS. An attacker gaining write access to the local filesystem through a separate issue can execute arbitrary code as the 'portald' user. This vulnerability does not affect Firebox platforms lacking the Access Portal feature, such as the T-15 and T-35 models. **Recommendations** Update WatchGuard Fireware OS to a version later than 12.11.8. Update WatchGuard Fireware OS to a version later than 2026.1.2.

**Name of the Vulnerable Software and Affected Versions** WatchGuard Fireware OS versions 11.9 through 11.12.4 Update1 WatchGuard Fireware OS versions 12.0 through 12.11.7 WatchGuard Fireware OS versions 2025.1 through 2026.1.1 **Description** An Out-of-bounds Write vulnerability exists in WatchGuard Fireware OS that may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface. **Recommendations** Update to a version later than 11.12.4 Update1. Update to a version later than 12.11.7. Update to a version later than 2026.1.1.

**Name of the Vulnerable Software and Affected Versions** Fireware OS versions 12.7 through 12.11.7 Fireware OS versions 2025.1 through 2026.1.1 **Description** A reflected cross-site scripting (XSS) issue exists in the Fireware OS Web UI. This allows for the execution of malicious JavaScript within the browser of an authenticated management user when they click a specially crafted link. The issue enables code execution in the user's context. **Recommendations** Fireware OS versions 12.7 through 12.11.7 should be updated. Fireware OS versions 2025.1 through 2026.1.1 should be updated.

**Name of the Vulnerable Software and Affected Versions** WatchGuard Fireware OS versions 12.0 through 12.11.4 WatchGuard Fireware OS versions 12.5 through 12.5.13 WatchGuard Fireware OS versions 2025.1 through 2025.1.2 **Description** An out-of-bounds write issue exists in the Command Line Interface (CLI) of WatchGuard Fireware OS. A user with privileged access can potentially execute arbitrary code by using a specifically designed CLI command. **Recommendations** Update to a version later than 12.11.4. Update to a version later than 12.5.13. Update to a version later than 2025.1.2.

**Name of the Vulnerable Software and Affected Versions** WatchGuard Fireware OS versions 11.10.2 through 11.12.4 Update1 WatchGuard Fireware OS versions 12.0 through 12.11.3 WatchGuard Fireware OS version 2025.1 **Description** An out-of-bounds write vulnerability exists in WatchGuard Fireware OS, specifically within the iked process responsible for IKEv2 VPN connections. This flaw allows a remote, unauthenticated attacker to execute arbitrary code on affected Firebox devices. The vulnerability impacts both Mobile User VPN with IKEv2 and Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. Reports indicate active exploitation of this vulnerability, with over 75,000 devices potentially exposed globally, with a significant concentration in the United States, Italy, the United Kingdom, and Germany. The vulnerability is tracked as CVE-2025-9242 and has a CVSS score of 9.3, indicating a critical severity. The vulnerability allows attackers to execute code without authentication, potentially granting them full control over VPN gateways and enabling lateral movement within internal networks. **Recommendations** WatchGuard Fireware OS versions 11.10.2 through 11.12.4 Update1: Upgrade to version 2025.1.1, 12.11.4, 12.5.13, or 12.3.1 Update3 (B722811). WatchGuard Fireware OS versions 12.0 through 12.11.3: Upgrade to version 2025.1.1, 12.11.4, 12.5.13, or 12.3.1 Update3 (B722811). WatchGuard Fireware OS version 2025.1: Upgrade to version 2025.1.1, 12.11.4, 12.5.13, or 12.3.1 Update3 (B722811). Rotate all locally stored secrets on affected appliances. Limit IKEv2 to trusted configurations.