CVE-2026-13722
High (CVSS 8.6)
Summary
A vulnerability in WatchGuard Fireware OS allows bypassing firmware validation when processing a backup image via the backup/restore feature. An authenticated administrator can exploit this to install a tampered firmware image.
Risk Assessment
An attacker with administrative privileges can upload malicious firmware, leading to full device compromise and potential network security breaches.
Recommendation
Immediately update WatchGuard Fireware OS to a patched version and restrict access to the backup/restore feature to trusted administrators only.
Original NVD description (English source)
WatchGuard Fireware OS contains a firmware validation bypass when processing a backup image via the backup/restore feature. An authenticated administrator can exploit this vulnerability to install a tampered firmware image. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4_Update1, 12.0 up to and including 12.12 and 2025.1 up to and including 2025.6.2.

