CVE-2025-13940
BaseFortify
Publication date: 2025-12-04
Last updated on: 2025-12-10
Assigner: WatchGuard Technologies, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| watchguard | fireware | From 2025.1 (inc) to 2025.1.3 (exc) |
| watchguard | firebox_t115-w | * |
| watchguard | firebox_t125 | * |
| watchguard | firebox_t125-w | * |
| watchguard | firebox_t145 | * |
| watchguard | firebox_t145-w | * |
| watchguard | firebox_t185 | * |
| watchguard | fireware | From 12.8.1 (inc) to 12.11.5 (exc) |
| watchguard | firebox_m270 | * |
| watchguard | firebox_m290 | * |
| watchguard | firebox_m370 | * |
| watchguard | firebox_m390 | * |
| watchguard | firebox_m440 | * |
| watchguard | firebox_m4600 | * |
| watchguard | firebox_m470 | * |
| watchguard | firebox_m4800 | * |
| watchguard | firebox_m5600 | * |
| watchguard | firebox_m570 | * |
| watchguard | firebox_m5800 | * |
| watchguard | firebox_m590 | * |
| watchguard | firebox_m670 | * |
| watchguard | firebox_m690 | * |
| watchguard | firebox_nv5 | * |
| watchguard | firebox_t20 | * |
| watchguard | firebox_t25 | * |
| watchguard | firebox_t40 | * |
| watchguard | firebox_t45 | * |
| watchguard | firebox_t55 | * |
| watchguard | firebox_t70 | * |
| watchguard | firebox_t80 | * |
| watchguard | firebox_t85 | * |
| watchguard | fireboxcloud | * |
| watchguard | fireboxv | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-440 | A feature, API, or function does not perform according to its specification. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Expected Behavior Violation (CWE-440) in WatchGuard Fireware OS that allows an attacker to bypass the boot time system integrity check. This means the attacker can prevent the Firebox device from shutting down even if the system integrity check fails during boot. However, the on-demand system integrity check via the Fireware Web UI will still correctly display a failure message if the integrity check fails.
How can this vulnerability impact me? :
This vulnerability could allow an attacker to keep the Firebox device running despite a failed system integrity check, potentially allowing compromised or altered system states to persist. This could lead to security risks such as unauthorized access or system instability because the device does not shut down as expected when integrity checks fail.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by performing the on-demand system integrity check in the Fireware Web UI, which will correctly show a failed system integrity check message if the system integrity check fails.
What immediate steps should I take to mitigate this vulnerability?
There is no workaround available for this vulnerability. The immediate step to mitigate this vulnerability is to upgrade affected Fireware OS versions to 12.11.5 or 2025.1.3, where the issue has been resolved. [1]