A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service (DoS) condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.
This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.12 and 2025.1 up to and including 2026.2
CVSS
No CVSS.
References
Configurations
No configuration.
History
03 Jul 2026, 00:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-07-03 00:16
Updated : 2026-07-06 18:41
NVD link : CVE-2026-13084
Mitre link : CVE-2026-13084
CVE.ORG link : CVE-2026-13084
JSON object : View
Products Affected
No product.
CWE
CWE-476
NULL Pointer Dereference
