CVE-2024-5974

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-5974
A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3.

7.2 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 Vendor Advisory
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*
cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*
cpe:2.3:o:watchguard:fireware:12.5.12:u1:*:*:*:*:*:*
OR cpe:2.3:h:watchguard:firebox_m200:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m300:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m400:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m500:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t10:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t10-d:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t10-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t15-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t20-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t30:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t30-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t35-r:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t35-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t40-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t50:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t50-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t55-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm1520-rp:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm1525-rp:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm2520:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm850:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm860:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm870:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm870-f:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_nv5:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_t25:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_t45:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_t85:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:xtmv:-:*:*:*:*:*:*:*
History

13 Jan 2025, 18:15

Type Values Removed Values Added
Summary (en) A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3. (en) A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3.

21 Nov 2024, 09:48

Type Values Removed Values Added
References () https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 - Vendor Advisory () https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 - Vendor Advisory

22 Aug 2024, 14:26

Type Values Removed Values Added
References () https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 - () https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 - Vendor Advisory
CPE cpe:2.3:o:watchguard:fireware:12.5.12:u1:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm870:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*
cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm870-f:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_t45:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m400:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_t85:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:xtmv:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t40-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm850:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m300:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m200:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t50:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t10-d:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t15-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm860:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m500:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm2520:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t55-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t30-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t10-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm1520-rp:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t35-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_nv5:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm1525-rp:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t50-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_t25:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t35-r:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t10:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t20-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t30:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*
First Time Watchguard firebox Xtm850
Watchguard firebox M570
Watchguard firebox T20
Watchguard fireboxv
Watchguard firebox T10-w
Watchguard firebox M690
Watchguard firebox M370
Watchguard firebox T50
Watchguard firebox T40
Watchguard firebox T35-w
Watchguard firebox T30
Watchguard firebox T35-r
Watchguard firebox Xtm860
Watchguard fireboxt T45
Watchguard firebox M300
Watchguard firebox Xtm1520-rp
Watchguard firebox T10-d
Watchguard firebox M440
Watchguard firebox T35
Watchguard firebox T30-w
Watchguard firebox M400
Watchguard fireboxcloud
Watchguard firebox Xtm2520
Watchguard firebox T55
Watchguard firebox M500
Watchguard firebox T80
Watchguard firebox M290
Watchguard firebox M670
Watchguard fireboxt Nv5
Watchguard fireboxt T25
Watchguard firebox T20-w
Watchguard firebox Xtm870
Watchguard firebox T55-w
Watchguard firebox Xtm1525-rp
Watchguard firebox T50-w
Watchguard firebox M470
Watchguard fireboxt T85
Watchguard firebox M4800
Watchguard firebox Xtm870-f
Watchguard firebox M270
Watchguard
Watchguard xtmv
Watchguard firebox T15
Watchguard firebox T15-w
Watchguard fireware
Watchguard firebox T70
Watchguard firebox T10
Watchguard firebox M390
Watchguard firebox M590
Watchguard firebox T40-w
Watchguard firebox M200
Watchguard firebox M5800

09 Jul 2024, 18:19

Type Values Removed Values Added
Summary
  • (es) Un desbordamiento del búfer en WatchGuard Fireware OS podría permitir que un atacante remoto autenticado con acceso de administración privilegiado ejecute código arbitrario con privilegios del sistema en el firewall. Este problema afecta al sistema operativo Fireware: desde 11.9.6 hasta 12.10.3.

09 Jul 2024, 03:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-09 03:15

Updated : 2025-01-13 18:15

NVD link : CVE-2024-5974

Mitre link : CVE-2024-5974

CVE.ORG link : CVE-2024-5974

JSON object : View

Products Affected

watchguard

  • firebox_m570
  • firebox_t50
  • firebox_xtm850
  • xtmv
  • firebox_t40-w
  • firebox_m440
  • fireboxt_t45
  • firebox_m300
  • firebox_t35
  • fireboxcloud
  • firebox_t50-w
  • fireware
  • firebox_t30-w
  • firebox_t40
  • firebox_t20-w
  • fireboxv
  • firebox_m590
  • firebox_t20
  • firebox_t15
  • firebox_m390
  • firebox_t10
  • firebox_m470
  • firebox_m270
  • firebox_t35-r
  • firebox_xtm2520
  • firebox_t80
  • firebox_t15-w
  • firebox_m500
  • firebox_t55-w
  • fireboxt_t25
  • firebox_t10-d
  • firebox_m4800
  • firebox_m370
  • firebox_xtm1525-rp
  • firebox_t70
  • firebox_m5800
  • firebox_xtm870
  • fireboxt_t85
  • firebox_m400
  • firebox_xtm1520-rp
  • firebox_t30
  • firebox_xtm860
  • fireboxt_nv5
  • firebox_t55
  • firebox_m200
  • firebox_m670
  • firebox_t35-w
  • firebox_t10-w
  • firebox_m690
  • firebox_xtm870-f
  • firebox_m290
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')