Security Advisory Detail

Firebox Authenticated Buffer Overflow Vulnerability

Advisory ID: WGSA-2024-00011
CVE: CVE-2024-5974
Impact: High
Status: Resolved
Product Family: Firebox
Published Date:
Updated Date:
Workaround Available: True
CVSS Score: 7.2
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A buffer overflow in WatchGuard Fireware OS could allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall.

Affected

Fireware OS 11.9.4 through 12.5.12_Update1 and Fireware 12.6 through 12.10.3

Resolution

Fireware OS 12.10.4
Fireware OS 12.5.12 Update 2
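
A fleet check built from the Affected ranges above, as an added example that is not WatchGuard's code. It assumes inventory version strings are written the way this page writes them; the host names and helper functions are hypothetical.

```python
import re

# Inclusive ranges copied from the advisory's "Affected" section.
AFFECTED_RANGES = [("11.9.4", "12.5.12_Update1"), ("12.6", "12.10.3")]

# Assumption: versions are written as on this page, e.g. "12.5.12_Update1",
# "12.5.12 Update 2" or "Fireware OS 12.10.4".
_VERSION_RE = re.compile(
    r"^\s*(?:Fireware(?:\s+OS)?\s+)?(\d+(?:\.\d+){1,2})"
    r"(?:[\s_]*Update[\s_]*(\d+))?\s*$",
    re.IGNORECASE,
)


def parse_version(text):
    """Return ((major, minor, patch), update_number) as a comparable tuple."""
    m = _VERSION_RE.match(text)
    if not m:
        # Refuse to guess: an unknown format must not be reported as safe.
        raise ValueError(f"unrecognised Fireware version: {text!r}")
    nums = [int(p) for p in m.group(1).split(".")]
    nums += [0] * (3 - len(nums))  # "12.6" compares as 12.6.0
    return tuple(nums), int(m.group(2) or 0)


def is_affected(text):
    """True if the version lies inside either affected range."""
    v = parse_version(text)
    return any(parse_version(lo) <= v <= parse_version(hi)
               for lo, hi in AFFECTED_RANGES)


def triage(inventory):
    """Map each host to 'affected', 'not affected' or 'unparsed'."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "affected" if is_affected(version) else "not affected"
        except ValueError:
            result[host] = "unparsed"
    return result


# Constructed inventory (hypothetical host names).
SAMPLE_INVENTORY = {
    "fw-branch-01": "12.5.12_Update1",
    "fw-branch-02": "12.5.12 Update 2",
    "fw-hq-01": "Fireware OS 12.10.3",
    "fw-hq-02": "12.10.4",
    "fw-lab-01": "unknown",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as "unparsed" need a manual look rather than being counted as patched.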

Credits

Internally Discovered

Advisory Product List

Product Family | Product Branch | Product List
Firebox | XTM 1500 and 2520 | XTM1520-RP, XTM1525-RP, XTM2520
Firebox | XTM 8 Series (2nd Gen) | XTM850, XTM860, XTM870, XTM870-F
Firebox | Firebox T (2nd Gen) | T15, T15-W, T35, T35-W, T35-R, T55, T55-W, T70
Firebox | Firebox T (3rd Gen) | T20, T20-W, T40, T40-W, T80
Firebox | Firebox M (2nd Gen) | M270, M370, M470, M570, M670
Firebox | Firebox M (3rd Gen) | M290, M390, M590, M690, M4800, M5800
Firebox | Firebox T (1st Gen) | T10, T10-W, T10-D, T30, T30-W, T50, T50-W
Firebox | Firebox M (1st Gen) | M200, M300, M400, M440, M500
Firebox | FireboxV | Small, Medium, Large, XLarge
Firebox | FireboxCloud | Small, Medium, Large, XLarge
Firebox | Firebox T (4th Gen) | NV5, T25, T45, T85
Firebox | XTMv | Small, Medium, Large, Datacenter