Security Advisory Detail

WatchGuard Firebox Firmware Image Validation Bypass in WatchGuard Fireware OS

Advisory ID
WGSA-2026-00022
CVE
CVE-2026-13722
Impact
High
Status
Resolved
Product Family
Firebox
Published Date
Updated Date
Workaround Available
False
CVSS Score
8.6
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary

WatchGuard Fireware OS contains a firmware validation bypass when processing a backup image via the backup/restore feature. An authenticated administrator can exploit this vulnerability to install a tampered firmware image.

Affected

This vulnerability affects Fireware OS 11.0 up to and including 11.12.4_Update1, 12.0 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.

Resolution
Vulnerable Version Resolved Version
2025.1 2026.2.1
12.x 12.12.1
12.5.x (T15 & T35 models) Unresolved
11.x End of Life
Advisory Product List
Product Family Product Branch Product List
Firebox
Fireware OS 12.5.x T15, T35
Firebox
Fireware OS 2025.1.x T115-W, T125, T125-W, T145, T145-W, T185, M295, M395, M495, M595, M695
Firebox
Fireware OS 12.x T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV