CVE-2025-12026

Published: Dec 4, 2025

Modified: Feb 26, 2026

PUBLISHED

Description

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

Vendor	Product	Versions
WatchGuard	Fireware OS	affected `12.0 - <= 12.11.4` affected `12.5 - <= 12.5.13` affected `2025.1 - <= 2025.1.2`

Weaknesses (CWE)

CWE-787

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00017

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-12026

Description

Affected Products

Weaknesses (CWE)

References