CVE-2026-41287

Stack-based Buffer Overflow vulnerability in the WatchGuard Agent discovery service on Windows allows Overflow Buffers. An unauthenticated attacker on the same local network could exploit this vulnerability to crash the agent service.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00010	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:watchguard:agent:*:*:*:*:*:windows:*:*

History

11 May 2026, 18:36

Type	Values Removed	Values Added
First Time		Watchguard agent Watchguard
References	~~() https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00010 -~~	() https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00010 - Vendor Advisory
CPE		cpe:2.3:a:watchguard:agent::::::windows::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5

06 May 2026, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-05-06 15:16

Updated : 2026-05-11 18:36

NVD link : CVE-2026-41287

Mitre link : CVE-2026-41287

CVE.ORG link : CVE-2026-41287

JSON object : View

Products Affected

watchguard

agent

CWE

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2026-41287", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.1, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-05-06T15:16:10.767", "references": [{"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00010", "tags": ["Vendor Advisory"], "source": "5d1c2695-1a31-4499-88ae-e847036fd7e3"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "Stack-based Buffer Overflow vulnerability in the WatchGuard Agent discovery service on Windows allows Overflow Buffers. An unauthenticated attacker on the same local network could exploit this vulnerability to crash the agent service."}], "lastModified": "2026-05-11T18:36:54.950", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:watchguard:agent:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "1D391721-7499-4701-A84D-C58CD093CCB0", "versionEndExcluding": "1.25.03.0000"}], "operator": "OR"}]}], "sourceIdentifier": "5d1c2695-1a31-4499-88ae-e847036fd7e3"}