Buffer Overflow in WatchGuard Fireware OS Could Allow Arbitrary Code Execution
CVE-2024-5974
7.2HIGH
Key Information:
- Vendor
- Watchguard
- Status
- Fireware Os
- Vendor
- CVE Published:
- 9 July 2024
Summary
A buffer overflow vulnerability found in WatchGuard's Fireware OS allows an authenticated remote attacker with privileged management access to potentially execute arbitrary code with system privileges. This flaw affects numerous versions of the Fireware OS ranging from 11.9.6 through 12.10.3, posing significant risks to the security framework of any deployed firewall. Organizations using these versions should prioritize applying available patches and updates to mitigate potential exploitation of this vulnerability.
Affected Version(s)
Fireware OS 11.9.6 <= 12.5.12+687697
Fireware OS 12.6.0 <= 12.10.3
References
CVSS V3.1
Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved