Security Advisory Detail

WatchGuard Firebox Authenticated Out of Bounds Write in Management CLI Command Handler

Advisory ID
WGSA-2026-00030
CVE
CVE-2026-13053
Impact
High
Status
Resolved
Product Family
Firebox
Published Date
Updated Date
Workaround Available
False
CVSS Score
8.6
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.

Affected

This vulnerability affects Fireware OS 11.0 up to and including 11.12.4_Update1, 12.0 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.

Resolution
Vulnerable Version Resolved Version
2025.1 2026.2.1
12.x 12.12.1
12.5.x (T15 & T35 models) Unresolved
11.x End of Life
Credits
Nicholas Zubrisky (@NZubrisky) of TrendAI Research
Advisory Product List
Product Family Product Branch Product List
Firebox
Fireware OS 12.5.x T15, T35
Firebox
Fireware OS 2025.1.x T115-W, T125, T125-W, T145, T145-W, T185, M295, M395, M495, M595, M695
Firebox
Fireware OS 12.x T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV