OpenSSL CVE-2022-3602 and CVE-2022-3786
Advisory ID
WGSA-2022-00021
CVE
CVE-2022-3602, CVE-2022-3786
Impact
High
Status
Not Applicable
Product Family
Firebox,
Dimension,
WatchGuard Cloud,
Secure Wi-Fi
Published Date
Updated Date
Workaround Available
True
CVSS Score
7.5
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Updated 2 November 2022, 12:22 PDT: Added response for Endpoint products
On 1 November 2022, OpenSSL disclosed CVE-2022-3602 and CVE-2022-3786, two high severity buffer overflow vulnerabilities in certificate validation present in OpenSSL 3.0.x up to and including 3.0.6. An attacker could exploit either vulnerability with a maliciously-crafted certificate that has been signed by a trusted certificate authority.
Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors have led this to be downgraded to HIGH.
Affected
| Product | Affected Version(s) | Note |
|---|---|---|
| Firebox | Not Impacted | The Firebox does not use a vulnerable version of OpenSSL |
| WSM | Not Impacted | WSM does not use a vulnerable version of OpenSSL |
| Dimension | Not Impacted | Dimension does not use a vulnerable version of OpenSSL |
| Cloud Wi-Fi APs | Not Impacted | WatchGuard APs do not use a vulnerable version of OpenSSL |
| Endpoint | Not Impacted | WatchGuard EPDR and Panda AD360 do not use a vulnerable version of OpenSSL |
Resolution
| Product | Affected Version(s) | Note |
|---|---|---|
| Firebox | Not Impacted | The Firebox does not use a vulnerable version of OpenSSL |
| WSM | Not Impacted | WSM does not use a vulnerable version of OpenSSL |
| Dimension | Not Impacted | Dimension does not use a vulnerable version of OpenSSL |
| Cloud Wi-Fi APs | Not Impacted | WatchGuard APs do not use a vulnerable version of OpenSSL |
| Endpoint | Not Impacted | WatchGuard EPDR and Panda AD360 do not use a vulnerable version of OpenSSL |
Advisory Product List
| Product Family | Product Branch | Product List |
|---|---|---|
Firebox
|
Fireware OS 12.x | T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV |
Firebox
|
Fireware OS 12.5.x | T15, T35 |
Dimension
|
Dimension | Dimension |
WatchGuard Cloud
|
WatchGuard Cloud | WatchGuard Cloud |
Secure Wi-Fi
|
Wi-Fi 4 & 5 | AP125, AP225W, AP325, AP327X, AP420 |
Secure Wi-Fi
|
Wi-Fi 6 | AP130, AP330, AP332CR, AP430CR, AP432 |