CVE-2022-23176

Name of the Vulnerable Software and Affected Versions WatchGuard Firebox and XTM appliances versions prior to 12.1.3 U3 WatchGuard Firebox and XTM appliances versions 12.2.x through 12.5.x before 12.5.7 U3 WatchGuard Firebox and XTM appliances versions prior to 12.7.2 U1

Description The issue is related to insecure management of privileges in WatchGuard Firebox and XTM appliances, allowing a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.

Recommendations For versions prior to 12.1.3 U3, update to version 12.1.3 U3 or later. For versions 12.2.x through 12.5.x before 12.5.7 U3, update to version 12.5.7 U3 or later. For versions prior to 12.7.2 U1, update to version 12.7.2 U1 or later. As a temporary workaround, consider restricting access to the exposed management access until a patch is available.