FKIE_CVE-2024-5974

Vulnerability from fkie_nvd - Published: 2024-07-09 03:15 - Updated: 2025-01-13 18:15
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3.
References
5d1c2695-1a31-4499-88ae-e847036fd7e3https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011Vendor Advisory
Impacted products
Vendor Product Version
watchguard fireware *
watchguard fireware *
watchguard fireware 12.5.12
watchguard firebox_m200 -
watchguard firebox_m270 -
watchguard firebox_m290 -
watchguard firebox_m300 -
watchguard firebox_m370 -
watchguard firebox_m390 -
watchguard firebox_m400 -
watchguard firebox_m440 -
watchguard firebox_m470 -
watchguard firebox_m4800 -
watchguard firebox_m500 -
watchguard firebox_m570 -
watchguard firebox_m5800 -
watchguard firebox_m590 -
watchguard firebox_m670 -
watchguard firebox_m690 -
watchguard firebox_t10 -
watchguard firebox_t10-d -
watchguard firebox_t10-w -
watchguard firebox_t15 -
watchguard firebox_t15-w -
watchguard firebox_t20 -
watchguard firebox_t20-w -
watchguard firebox_t30 -
watchguard firebox_t30-w -
watchguard firebox_t35 -
watchguard firebox_t35-r -
watchguard firebox_t35-w -
watchguard firebox_t40 -
watchguard firebox_t40-w -
watchguard firebox_t50 -
watchguard firebox_t50-w -
watchguard firebox_t55 -
watchguard firebox_t55-w -
watchguard firebox_t70 -
watchguard firebox_t80 -
watchguard firebox_xtm1520-rp -
watchguard firebox_xtm1525-rp -
watchguard firebox_xtm2520 -
watchguard firebox_xtm850 -
watchguard firebox_xtm860 -
watchguard firebox_xtm870 -
watchguard firebox_xtm870-f -
watchguard fireboxcloud -
watchguard fireboxt_nv5 *
watchguard fireboxt_t25 *
watchguard fireboxt_t45 *
watchguard fireboxt_t85 *
watchguard fireboxv -
watchguard xtmv -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "625777A6-D12E-4BBC-BBF0-F7ABE40CC8F5",
              "versionEndExcluding": "12.5.12",
              "versionStartIncluding": "11.9.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7349E570-8D36-4B19-9DBD-E352BB458F23",
              "versionEndExcluding": "12.10.4",
              "versionStartIncluding": "12.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:watchguard:fireware:12.5.12:u1:*:*:*:*:*:*",
              "matchCriteriaId": "2B644B61-D7D7-4658-96FC-3AB7D394CBA8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "947408A7-EC5A-43A0-A2F0-C51055F29BF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472917E-D6E1-4C2D-B37D-E76FCC7307CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A8C7779-4466-4A9E-B191-929E7746DFF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7867C903-6DB6-4E58-AD44-07BBB9C45E72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CE9A123-B769-4E56-845E-DC3DA6166C78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "180FAE8C-2E73-4C09-AA11-0C82A7715FA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BD5BB5D-12FC-4D49-A2FA-8886077457B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "309DBEF2-1D92-4641-827F-D99758B5FFA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBFBA966-E052-4350-9544-3B5D484DBB6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF1E586D-0E88-447A-95E8-5203EF869ADB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08422D7D-CA99-4303-B783-30F8CDCAC34C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59389EA2-3067-4AF8-AEC5-FE79E269C170",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "445FA7CD-D0AE-4176-9AE5-293B918DE654",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B4A7366-0304-431E-B3E4-719BA575CEAC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8512B4A-5269-4067-B9C6-475A4E8AD313",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "179C6166-87E1-44F8-B727-CDDE40C673D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t10:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D97A123-654D-40B0-A18B-FE4801BF4506",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t10-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "983AE311-F2BD-4260-839E-2D906B6E095A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t10-w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "28634F62-70D4-49F6-860F-8FE1B85707F6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "626220F8-7F0C-4DD8-8001-12EA0A777A0D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t15-w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "083919C1-A383-430A-B56C-13C6128266F8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9295217E-C1A0-4A69-A0F0-C44814BB376C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t20-w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4832E5E-E4ED-4222-B9A5-060FA6AA22DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t30:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E10A9DF-DD32-4E42-838D-E398B3451FBF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t30-w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29D260C9-BB0C-4546-9E56-0283B9332AC5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E561A57F-91A5-4B3C-9F7D-62E9AB5163A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t35-r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B691D60-C12E-49DA-9917-4513E4A57B55",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t35-w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F374AC3-0292-428B-AA39-F60980874160",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC853916-8BDC-4F7C-BA53-D6AB490A9444",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t40-w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4267A4B5-4F48-4104-85E8-3F6B09FD2354",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D15B548-CB7C-44B6-A568-7F87652561D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t50-w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07EB3F3A-E508-42EF-9D11-9BC77C35EA60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3562304-0317-4A3C-B622-D5CE01CC97F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t55-w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "755CD8FA-C341-4C34-8005-A42C32BD85CF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "327BA50A-366A-4367-93B8-328EC0136FA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D92ABD52-20F6-4AB1-801F-9E7B7B1B78A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_xtm1520-rp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E7C021D-0C50-47A8-B8D6-27BE0FBD025C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_xtm1525-rp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EF67525-E49F-4B2C-823B-8447E8450F27",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_xtm2520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED8D9112-1504-4341-B2F9-9967B5D02790",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_xtm850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95BC88C9-324F-4803-97E4-91773827F4C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_xtm860:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AADF6164-8A53-4023-B326-C3CA1A4DE0A8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_xtm870:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "42A6A10F-C0C1-415F-943D-9CFADC35CF73",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:firebox_xtm870-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EF5490C-5BBD-476C-916E-26C5426A6069",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "158560A0-D694-41AF-A5F8-0F6FB3EFB8FA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:fireboxt_nv5:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA8CE73-14FB-443C-8085-388C61706A90",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:fireboxt_t25:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55490F9D-F216-4A2C-B28D-6DE01CFD5DB7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:fireboxt_t45:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "26488C22-70A1-434B-9FC2-7C0EB4E2696F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:fireboxt_t85:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5EDF2C3-FDF2-4D97-A056-462AE61DBF8A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4ECAE1D7-9868-4730-B645-44CB1B6FDE96",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:watchguard:xtmv:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72807176-5A59-4BFD-B6C0-2738D9FD3AB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall.\nThis issue affects Fireware OS: from 11.9.6 through 12.10.3."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento del b\u00fafer en WatchGuard Fireware OS podr\u00eda permitir que un atacante remoto autenticado con acceso de administraci\u00f3n privilegiado ejecute c\u00f3digo arbitrario con privilegios del sistema en el firewall. Este problema afecta al sistema operativo Fireware: desde 11.9.6 hasta 12.10.3."
    }
  ],
  "id": "CVE-2024-5974",
  "lastModified": "2025-01-13T18:15:19.697",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-07-09T03:15:02.507",
  "references": [
    {
      "source": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011"
    }
  ],
  "sourceIdentifier": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.