Security Advisory Detail

WatchGuard Firebox wgagent Out of Bounds Write Vulnerability

Advisory ID
WGSA-2026-00021
CVE
CVE-2026-13384
Impact
High
Status
Resolved
Product Family
Firebox
Published Date
Updated Date
Workaround Available
False
CVSS Score
8.6
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS wgagent process could allow an authenticated privileged user to execute arbitrary code via a specially crafted requests to the Management Web UI.

Affected

This vulnerability affects Fireware OS 12.1 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.

Resolution
Vulnerable Version Resolved Version
2025.1 2026.2.1
12.x 12.12.1
12.5.x (T15 & T35 models) Unresolved
Credits
Cody Sixteen
Advisory Product List
Product Family Product Branch Product List
Firebox
Fireware OS 12.5.x T15, T35
Firebox
Fireware OS 2025.1.x T115-W, T125, T125-W, T145, T145-W, T185, M295, M395, M495, M595, M695
Firebox
Fireware OS 12.x T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV