CVE-2026-3342
Received Received - Intake

Out-of-Bounds Write in WatchGuard Fireware OS Enables Root Code Execution

Vulnerability report for CVE-2026-3342, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-03

Last updated on: 2026-03-04

Assigner: WatchGuard Technologies, Inc.

Description

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface. This vulnerability affects Fireware OS 11.9 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.7 and 2025.1 up to and including 2026.1.1.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-03
Last Modified
2026-03-04
Generated
2026-07-06
AI Q&A
2026-03-03
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
watchguard fireware From 12.5 (inc) to 12.5.17 (exc)
watchguard fireware From 2025.1 (inc) to 2026.1.2 (exc)
watchguard fireware From 11.9 (inc) to 12.11.8 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an Out-of-bounds Write issue in WatchGuard Fireware OS. It allows an authenticated privileged administrator to execute arbitrary code with root permissions through an exposed management interface.

Impact Analysis

The vulnerability can lead to an attacker with privileged administrator access executing arbitrary code with root-level permissions. This could result in full control over the affected system, potentially compromising its integrity, confidentiality, and availability.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3342. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart