PT-2025-43675 · WatchGuard · Firebox+1
Published: 2025-10-24 · Updated: 2025-10-24
CVE-2025-4106
CVSS v4.0: 8.9 (High)
Vector: AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
Fireware OS versions prior to 12.11.2
Description
An authenticated administrator user with access to both the management WebUI and command line interface on a Firebox device can enable a diagnostic debug shell. This is achieved by uploading a platform and version-specific diagnostic package and then executing a leftover diagnostic command.
Recommendations
Update to Fireware OS version 12.11.2 or later.
Affected Products
Firebox
Fireware OS