9.8
CVE-2022-26318
- EPSS 92.76%
- Published 04.03.2022 18:15:08
- Last modified 14.03.2025 19:59:55
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
Data is provided by the National Vulnerability Database (NVD)
Watchguard ≫ Fireware Version >= 12.0.0 < 12.1.3
Watchguard ≫ Fireware Version >= 12.5.0 < 12.5.9
Watchguard ≫ Fireware Version >= 12.7.0 < 12.7.2
Watchguard ≫ Fireware Version12.1.3
Watchguard ≫ Fireware Version12.1.3 Updateu1
Watchguard ≫ Fireware Version12.1.3 Updateu2
Watchguard ≫ Fireware Version12.1.3 Updateu3
Watchguard ≫ Fireware Version12.1.3 Updateu4
Watchguard ≫ Fireware Version12.1.3 Updateu5
Watchguard ≫ Fireware Version12.1.3 Updateu6
Watchguard ≫ Fireware Version12.1.3 Updateu7
Watchguard ≫ Fireware Version12.5.9 Updateu1
Watchguard ≫ Fireware Version12.7.2 Updateu1
25.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog
WatchGuard Firebox and XTM Appliances Arbitrary Code Execution
VulnerabilityOn WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code.
DescriptionApply updates per vendor instructions.
Required actions| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 92.76% | 0.997 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|