Firebox Local Privilege Escallation Vulnerability
Advisory ID
WGSA-2022-00018
Impact
Medium
Status
Resolved
Product Family
Firebox
Published Date
Updated Date
Workaround Available
False
CVSS Score
4.4
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
A local privilege escalation vulnerability in Firebox and XTM devices could allow an attacker to execute commands with root privileges.
Affected
Fireware OS before 12.8.1, 12.x before 12.1.4 and 12.2.x through 12.5.x before 12.5.10.
Resolution
Fireware OS 12.8.1, 12.5.10, 12.1.4
Credits
Charles Fol from LEXFO/AMBIONICS
Advisory Product List
| Product Family | Product Branch | Product List |
|---|---|---|
Firebox
|
Fireware OS 12.x | T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV |
Firebox
|
Fireware OS 12.5.x | T15, T35 |