Skip to main content

Fireware CVE-2026-3342

HIGH
Out-of-bounds Write (CWE-787)
2026-03-03 5d1c2695-1a31-4499-88ae-e847036fd7e3
7.2
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.2 HIGH
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 22:05 vuln.today
CVE Published
Mar 03, 2026 - 14:15 nvd
HIGH 7.2

DescriptionCVE.org

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface.

This vulnerability affects Fireware OS 11.9 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.7 and 2025.1 up to and including 2026.1.1.

AnalysisAI

WatchGuard Fireware OS contains an out-of-bounds write vulnerability in its management interface that permits authenticated administrators to achieve root-level code execution. The flaw affects versions 11.9 through 11.12.4_Update1, 12.0 through 12.11.7, and 2025.1 through 2026.1.1, with no patch currently available. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate as privileged administrator
Exploit
Access exposed management interface
Execution
Send crafted request triggering out-of-bounds write
Impact
Execute arbitrary code as root

Vulnerability AssessmentAI

Exploitation Authenticated privileged administrator account on WatchGuard Fireware OS (11.9-11.12.4_Update1, 12.0-12.11.7, or 2025.1-2026.1.1) with access to the exposed management interface; network connectivity to management port required. Additional conditions and limiting factors are described in the full assessment.
Risk Assessment CVSS 7.2 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker (requires authentication) could exploit this vulnerability to an authenticated privileged administrator to execute arbitrary code with root pe.
Remediation Monitor vendor advisories for a patch. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all WatchGuard Fireware deployments and document current versions; restrict administrative access to the management interface through network segmentation and IP whitelisting. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2025-9242 CRITICAL POC
9.3 Sep 17

WatchGuard Fireware OS contains an out-of-bounds write in IKEv2 VPN handling enabling unauthenticated remote code execut

CVE-2025-1545 HIGH
7.5 Dec 04

An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensi

CVE-2025-11838 HIGH
7.5 Dec 04

A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of

CVE-2025-12196 HIGH
7.2 Dec 04

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to exe

CVE-2025-12195 HIGH
7.2 Dec 04

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to exe

CVE-2025-12026 HIGH
7.2 Dec 04

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticate

CVE-2025-1547 HIGH
7.2 Dec 04

A stack-based buffer overflow vulnerability [CWE-121] in WatchGuard Fireware OS's certificate request command could allo

CVE-2026-3343 MEDIUM
6.1 Mar 03

Fireware OS Web UI contains a reflected XSS vulnerability that allows attackers to execute arbitrary JavaScript in authe

CVE-2025-13939 MEDIUM
6.1 Dec 04

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard

CVE-2025-13938 MEDIUM
6.1 Dec 04

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard

CVE-2025-13937 MEDIUM
6.1 Dec 04

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard

CVE-2025-13936 MEDIUM
6.1 Dec 04

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard

Share

CVE-2026-3342 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy