WatchGuard Firebox wgagent Out of Bounds Write Vulnerability
Advisory ID
WGSA-2026-00021
CVE
CVE-2026-13384
Impact
High
Status
Resolved
Product Family
Firebox
Published Date
Updated Date
Workaround Available
False
CVSS Score
8.6
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS wgagent process could allow an authenticated privileged user to execute arbitrary code via a specially crafted requests to the Management Web UI.
Affected
This vulnerability affects Fireware OS 12.1 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.
Resolution
| Vulnerable Version | Resolved Version |
|---|---|
| 2025.1 | 2026.2.1 |
| 12.x | 12.12.1 |
| 12.5.x (T15 & T35 models) | Unresolved |
Credits
Cody Sixteen
Advisory Product List
| Product Family | Product Branch | Product List |
|---|---|---|
Firebox
|
Fireware OS 12.5.x | T15, T35 |
Firebox
|
Fireware OS 2025.1.x | T115-W, T125, T125-W, T145, T145-W, T185, M295, M395, M495, M595, M695 |
Firebox
|
Fireware OS 12.x | T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV |