CVE-2026-3342

EUVD-2026-9288
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface.

This vulnerability affects Fireware OS 11.9 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.7 and 2025.1 up to and including 2026.1.1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
watchguardfireware
12.5 ≤
𝑥
< 12.5.17
watchguardfireware
2025.1 ≤
𝑥
< 2026.1.2
watchguardfireware
11.9 ≤
𝑥
< 12.11.8
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00003