CVE-2026-8247
Received
Received - Intake
Out-of-bounds Write in WatchGuard Fireware OS
Vulnerability report for CVE-2026-8247, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-07-03
Last updated on: 2026-07-03
Assigner: WatchGuard Technologies, Inc.
Description
Description
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker on the same local network segment to execute arbitrary code.
This vulnerability affects Fireware OS 11.0 up to and including 11.12.4_Update1, 12.0 up to and including 12.12 and 2025.1 up to and including 2026.2.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| watchguard | fireware_os | to 11.12.4_Update1 (inc) |
| watchguard | fireware_os | to 12.12 (inc) |
| watchguard | fireware_os | From 12.5 (inc) to 12.5.18 (inc) |
| watchguard | fireware_os | to 2026.2 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |