CVE-2025-1545
BaseFortify
Publication date: 2025-12-04
Last updated on: 2025-12-10
Assigner: WatchGuard Technologies, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| watchguard | fireware | From 2025.1 (inc) to 2025.1.3 (exc) |
| watchguard | firebox_t115-w | * |
| watchguard | firebox_t125 | * |
| watchguard | firebox_t125-w | * |
| watchguard | firebox_t145 | * |
| watchguard | firebox_t145-w | * |
| watchguard | firebox_t185 | * |
| watchguard | fireware | From 11.11 (inc) to 12.11.5 (exc) |
| watchguard | firebox_m270 | * |
| watchguard | firebox_m290 | * |
| watchguard | firebox_m370 | * |
| watchguard | firebox_m390 | * |
| watchguard | firebox_m440 | * |
| watchguard | firebox_m4600 | * |
| watchguard | firebox_m470 | * |
| watchguard | firebox_m4800 | * |
| watchguard | firebox_m5600 | * |
| watchguard | firebox_m570 | * |
| watchguard | firebox_m5800 | * |
| watchguard | firebox_m590 | * |
| watchguard | firebox_m670 | * |
| watchguard | firebox_m690 | * |
| watchguard | firebox_nv5 | * |
| watchguard | firebox_t20 | * |
| watchguard | firebox_t25 | * |
| watchguard | firebox_t40 | * |
| watchguard | firebox_t45 | * |
| watchguard | firebox_t55 | * |
| watchguard | firebox_t70 | * |
| watchguard | firebox_t80 | * |
| watchguard | firebox_t85 | * |
| watchguard | fireboxcloud | * |
| watchguard | fireboxv | * |
| watchguard | fireware | From 11.11 (inc) to 12.5.14 (exc) |
| watchguard | firebox_t15 | * |
| watchguard | firebox_t35 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-91 | The product does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration, which could lead to unauthorized access to sensitive data. This exposure may negatively impact compliance with data protection standards and regulations such as GDPR and HIPAA, which require safeguarding sensitive information against unauthorized access. However, specific compliance impacts or guidance are not detailed in the provided resources. [1]
Can you explain this vulnerability to me?
This vulnerability is an XPath Injection in WatchGuard Fireware OS that allows a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration. It occurs through an exposed authentication or management web interface and affects systems with at least one authentication hotspot configured.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to remotely access sensitive configuration information from the Firebox device without authentication, potentially leading to unauthorized disclosure of critical system details and compromising the security of the network protected by the device.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately upgrade your Fireware OS to a fixed version. The issue is resolved in Fireware OS versions 2025.1.3, 12.11.5, and 12.5.14 (for T15 & T35 models). Since no workaround is available, applying the update is the only effective mitigation. Additionally, ensure that any Firebox systems with authentication hotspots are prioritized for this update. [1]