WatchGuard Firebox Authenticated Stack Overflow in Certificate Request Command
Advisory ID
WGSA-2025-00013
CVE
CVE-2025-1547
Impact
High
Status
Resolved
Product Family
Firebox
Published Date
Updated Date
Workaround Available
False
CVSS Score
7.5
CVSS Vector
CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
Updated September 17 2025: Updated to add Fireware OS 12.5.13 as a resolved release
A stack-based buffer overflow vulnerability [CWE-121] in WatchGuard Fireware OS's certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.
Affected
This issue affects Fireware OS: from 12.0 up to and including 12.11.2.
Resolution
| Vulnerable Version | Resolved Version |
|---|---|
| 12.x | 12.11.3 |
| 12.5.x (T15 & T35 models) | 12.5.13 |
Workaround
WatchGuard Firebox administrators should never expose management interfaces, including the command line interface, to untrusted networks. Follow WatchGuard's Firebox Remote Management Best Practices for additional guidance.
Credits
Cody Sixteen
Advisory Product List
| Product Family | Product Branch | Product List |
|---|---|---|
Firebox
|
Fireware OS 12.5.x | T15, T35 |
Firebox
|
Fireware OS 12.x | T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV |