CVE-2026-3344

MEDIUM EPSS 17.1%
Published Mar 3, 20263mo ago · Modified Jun 17, 20261w ago
6.9 CVSS 4.0
Medium
Find Similar
Published Mar 3, 2026 3mo ago
Last Modified Jun 17, 2026 1w ago

Description

A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and maintain limited persistence via a maliciously-crafted firmware update package.This issue affects Fireware OS 12.0 up to and including 12.11.7, 12.5.9 up to and including 12.5.16, and 2025.1 up to and including 2026.1.1.

CVSS Details

Base Score
6.9
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required High
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
17.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-440

Affected Products 41

VendorProductVersionRange
watchguardfireware*≥12.0  –  <12.11.8
watchguardfirebox_m270*any
watchguardfirebox_m290*any
watchguardfirebox_m370*any
watchguardfirebox_m390*any
watchguardfirebox_m440*any
watchguardfirebox_m4600*any
watchguardfirebox_m470*any
watchguardfirebox_m4800*any
watchguardfirebox_m5600*any
watchguardfirebox_m570*any
watchguardfirebox_m5800*any
watchguardfirebox_m590*any
watchguardfirebox_m670*any
watchguardfirebox_m690*any
watchguardfirebox_nv5*any
watchguardfirebox_t20*any
watchguardfirebox_t25*any
watchguardfirebox_t40*any
watchguardfirebox_t45*any
watchguardfirebox_t55*any
watchguardfirebox_t70*any
watchguardfirebox_t80*any
watchguardfirebox_t85*any
watchguardfireboxcloud*any
watchguardfireboxv*any
watchguardfireware*≥12.5.9  –  <12.5.17
watchguardfirebox_t15*any
watchguardfirebox_t35*any
watchguardfireware*≥2025.1  –  <2026.1.2
watchguardfirebox_m295*any
watchguardfirebox_m395*any
watchguardfirebox_m495*any
watchguardfirebox_m595*any
watchguardfirebox_m695*any
watchguardfirebox_t115-w*any
watchguardfirebox_t125*any
watchguardfirebox_t125-w*any
watchguardfirebox_t145*any
watchguardfirebox_t145-w*any
watchguardfirebox_t185*any

References 1

  • watchguard.com https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00005
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.