Firebox Authenticated Buffer Overflow Vulnerability

Advisory ID

WGSA-2024-00011

CVE

CVE-2024-5974

Impact

High

Status

Resolved

Product Family

Firebox

Published Date

2024-06-27

Updated Date

2024-06-27

Workaround Available

False

CVSS Score

7.2

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall.

Affected

Fireware OS 11.9.4 through 12.5.12_Update1 and Fireware 12.6 through 12.10.3

Resolution

Fireware OS 12.10.4 Fireware OS 12.5.12 Update 2

Credits

Internally Discovered

Advisory Product List

Product Family	Product Branch	Product List
Firebox	Fireware OS 12.x	T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV
Firebox	Fireware OS 12.5.x	T15, T35

Listado de avisos

Go to