CVE-2026-3342
Out-of-Bounds Write in WatchGuard Fireware OS Enables Root Code Execution
Publication date: 2026-03-03
Last updated on: 2026-03-04
Assigner: WatchGuard Technologies, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| watchguard | fireware | From 12.5 (inc) to 12.5.17 (exc) |
| watchguard | fireware | From 2025.1 (inc) to 2026.1.2 (exc) |
| watchguard | fireware | From 11.9 (inc) to 12.11.8 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Out-of-bounds Write issue in WatchGuard Fireware OS. It allows an authenticated privileged administrator to execute arbitrary code with root permissions through an exposed management interface.
How can this vulnerability impact me? :
The vulnerability can lead to an attacker with privileged administrator access executing arbitrary code with root-level permissions. This could result in full control over the affected system, potentially compromising its integrity, confidentiality, and availability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know