CVE-2026-3344
Firmware Update Bypass Vulnerability in WatchGuard Fireware OS
Publication date: 2026-03-03
Last updated on: 2026-03-04
Assigner: WatchGuard Technologies, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| watchguard | fireware | From 12.0 (inc) to 12.11.8 (exc) |
| watchguard | fireware | From 12.5.9 (inc) to 12.5.17 (exc) |
| watchguard | fireware | From 2025.1 (inc) to 2026.1.2 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-440 | A feature, API, or function does not perform according to its specification. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in WatchGuard Fireware OS and allows an attacker to bypass the filesystem integrity check of the operating system.
By exploiting this issue, an attacker can maintain limited persistence on the device by using a maliciously-crafted firmware update package.
The affected versions include Fireware OS 12.0 up to 12.11.7, 12.5.9 up to 12.5.16, and 2025.1 up to 2026.1.1.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability can bypass the filesystem integrity checks and gain limited persistence on the affected device.
This means the attacker could potentially maintain a foothold on the system even after reboots or updates, which could lead to unauthorized access or control.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know