wid-sec-w-2026-0892 · Published 2026-03-26 · View on BSI CERT-Bund ↗
WatchGuard Firebox: Multiple Vulnerabilities
CVSS 8.4 (HIGH)
Risk Summary
An insecure deserialization vulnerability in WatchGuard Fireware OS allows an attacker who has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in the context of the portald user. This issue affects Fireware OS 12.1 through 12.11.8 and 2025.1 through 2026.1.2. Note that this vulnerability does not affect Firebox platforms that do not support the Access Portal feature, including the T-15 and T-35.
CVEs (2)
Affected Vendors
WatchGuard
Affected Products (7)
WatchGuard · Firebox <2026.2
WatchGuard · Firebox 2026.2
WatchGuard · Firebox <12.12
WatchGuard · Firebox 12.12
WatchGuard · Firebox <12.5.18
WatchGuard · Firebox 12.5.18
WatchGuard · Firebox 11.x