CVE-2026-3342

Published: Mar 3, 2026Modified: Mar 4, 2026

8.6

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: 5d1c2695-1a31-4499-88ae-e847036fd7e3 (Secondary)

Description

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface. This vulnerability affects Fireware OS 11.9 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.7 and 2025.1 up to and including 2026.1.1.

Affected (3)

Products: Watchguard: Fireware

Watchguard

1 product

Fireware

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Watchguard Fireware	From 12.5 to 12.5.17

Running on/with	Platform Versions
Watchguard Firebox T15	All versions
Watchguard Firebox T35	All versions

Configuration B

1 vulnerable · 11 platform

Vulnerable Software	Affected Versions
Watchguard Fireware	From 2025.1 to 2026.1.2

Running on/with	Platform Versions
Watchguard Firebox M295	All versions
Watchguard Firebox M395	All versions
Watchguard Firebox M495	All versions
Watchguard Firebox M595	All versions
Watchguard Firebox M695	All versions
Watchguard Firebox T115 W	All versions
Watchguard Firebox T125	All versions
Watchguard Firebox T125 W	All versions
Watchguard Firebox T145	All versions
Watchguard Firebox T145 W	All versions
Watchguard Firebox T185	All versions

Configuration C

1 vulnerable · 25 platform

Vulnerable Software	Affected Versions
Watchguard Fireware	From 11.9 to 12.11.8

Running on/with	Platform Versions
Watchguard Firebox M270	All versions
Watchguard Firebox M290	All versions
Watchguard Firebox M370	All versions
Watchguard Firebox M390	All versions
Watchguard Firebox M440	All versions
Watchguard Firebox M4600	All versions
Watchguard Firebox M470	All versions
Watchguard Firebox M4800	All versions
Watchguard Firebox M5600	All versions
Watchguard Firebox M570	All versions
Watchguard Firebox M5800	All versions
Watchguard Firebox M590	All versions
Watchguard Firebox M670	All versions
Watchguard Firebox M690	All versions
Watchguard Firebox Nv5	All versions
Watchguard Firebox T20	All versions
Watchguard Firebox T25	All versions
Watchguard Firebox T40	All versions
Watchguard Firebox T45	All versions
Watchguard Firebox T55	All versions
Watchguard Firebox T70	All versions
Watchguard Firebox T80	All versions
Watchguard Firebox T85	All versions
Watchguard Fireboxcloud	All versions
Watchguard Fireboxv	All versions

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (1)

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00003

Source: 5d1c2695-1a31-4499-88ae-e847036fd7e3

Vendor Advisory

Timeline

No history available yet.