Security Advisory Detail

WatchGuard Firebox Hardcoded Fallback Encryption Key in Access Portal Resource Credential Database

Advisory ID
WGSA-2026-00025
CVE
CVE-2026-13728
Impact
Medium
Status
Resolved
Product Family
Firebox
Published Date
Updated Date
Workaround Available
False
CVSS Score
5.9
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N
Summary

In exception circumstances, WatchGuard Fireware OS on a FireCluster may use a hard-coded encryption key to encrypt saved credentials for Access Portal resources.

Affected

This vulnerability affects Fireware OS 12.0 up to and including 12.12, and 2025.1 up to and including 2026.2. This vulnerability does not affect devices that do not support the Access Portal feature or standalone Fireboxes not deployed in a FireCluster.

Resolution
Vulnerable Version Resolved Version
2025.1 2026.2.1
12.x 12.12.1
Credits
Cody Sixteen
Advisory Product List
Product Family Product Branch Product List
Firebox
Fireware OS 2025.1.x T115-W, T125, T125-W, T145, T145-W, T185, M295, M395, M495, M595, M695
Firebox
Fireware OS 12.x T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV