WatchGuard Firebox Hardcoded Fallback Encryption Key in Access Portal Resource Credential Database
Advisory ID
WGSA-2026-00025
CVE
CVE-2026-13728
Impact
Medium
Status
Resolved
Product Family
Firebox
Published Date
Updated Date
Workaround Available
False
CVSS Score
5.9
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N
Summary
In exception circumstances, WatchGuard Fireware OS on a FireCluster may use a hard-coded encryption key to encrypt saved credentials for Access Portal resources.
Affected
This vulnerability affects Fireware OS 12.0 up to and including 12.12, and 2025.1 up to and including 2026.2. This vulnerability does not affect devices that do not support the Access Portal feature or standalone Fireboxes not deployed in a FireCluster.
Resolution
| Vulnerable Version | Resolved Version |
|---|---|
| 2025.1 | 2026.2.1 |
| 12.x | 12.12.1 |
Credits
Cody Sixteen
Advisory Product List
| Product Family | Product Branch | Product List |
|---|---|---|
Firebox
|
Fireware OS 2025.1.x | T115-W, T125, T125-W, T145, T145-W, T185, M295, M395, M495, M595, M695 |
Firebox
|
Fireware OS 12.x | T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV |