CVE-2026-13371
Received - Intake

Denial-of-Service via Unsafe Deserialization in Fireware Management Web UI

Publication date: 2026-07-03

Last updated on: 2026-07-03

Assigner: WatchGuard Technologies, Inc.

Description

An authenticated administrator can trigger a denial-of-service condition in the Fireware Management Web UI by sending malformed or crafted data to the put_data endpoint, which performs unsafe deserialization of the attacker-supplied input.

Meta Information

Published: 2026-07-03
Last Modified: 2026-07-03
Generated: 2026-07-03
AI Q&A: 2026-07-03
EPSS Evaluated: N/A

Affected Vendors & Products

Showing 4 associated CPEs

Vendor      Product      Version / Range
watchguard  fireware_os  From 12.0 (inc) to 2026.2 (inc)
watchguard  fireware_os  2026.2.1
watchguard  fireware_os  12.12.1
watchguard  fireware_os  12.5

Exploitability

CWE ID   Description
CWE-502  The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

Impact Analysis

The primary impact of this vulnerability is a denial-of-service condition, which can make the Fireware Management Web UI unavailable or unresponsive.

Since the vulnerability requires authenticated administrator access, an attacker with such privileges can disrupt management operations, potentially affecting network security management and monitoring.

The CVSS score of 6.9 indicates a medium severity impact.

Compliance Impact

The provided information does not specify how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade your Fireware OS to a fixed version. The issue has been resolved in Fireware OS versions 2026.2.1 and 12.12.1, as well as in 12.5.x for T15 and T35 models.

No workaround is available, so applying the update is the immediate and necessary step to prevent exploitation.

Executive Summary

This vulnerability allows an authenticated administrator to cause a denial-of-service (DoS) condition in the WatchGuard Firebox Management Web UI.

It occurs because the put_data endpoint performs unsafe deserialization of attacker-supplied input, meaning that malformed or crafted data sent to this endpoint can disrupt normal operation.

The issue affects Fireware OS versions 12.0 through 12.12 and 2025.1 through 2026.2.
