CVE-2025-12026

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-12026

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-12026.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-12026

Published

2025-12-04T22:15:46.777Z

Modified

2026-03-12T17:35:30.979148Z

Severity

7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00017

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "2025.1"
            },
            {
                "fixed": "2025.1.3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "12.0.0"
            },
            {
                "fixed": "12.11.5"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "12.5"
            },
            {
                "fixed": "12.5.14"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-12026.json"