CVE Catalog

CVE-2026-13050

HighCVSS 8.6
Published: Translated: NVD NIST

Summary

An Out-of-bounds Write vulnerability in the networkd process of WatchGuard Fireware OS allows an authenticated privileged user to execute arbitrary code via specially crafted requests to the Management Web UI. This affects Fireware OS versions 11.8 up to 11.12.4_Update1, 12.0 up to 12.12, and 2025.1 up to 2026.2.

Risk Assessment

The risk involves potential takeover of the device by a privileged attacker, leading to compromise of network integrity and confidentiality of organizational data.

Recommendation

It is recommended to immediately update Fireware OS to a patched version and restrict access to the Management Web UI to trusted IP addresses only.

Original NVD description (English source)

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS networkd process could allow an authenticated privileged user to execute arbitrary code via a specially crafted requests to the Management Web UI.This vulnerability affects Fireware OS 11.8 up to and including 11.12.4_Update1, 12.0 up to and including 12.12 and 2025.1 up to and including 2026.2.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS