CVE-2024-5974
Severity CVSS v4.0:
Pending analysis
Type:
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Publication date:
09/07/2024
Last modified:
13/01/2025
Description
A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall.<br />
This issue affects Fireware OS: from 11.9.6 through 12.10.3.
Impact
Base Score 3.x
7.20
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:* | 11.9.4 (including) | 12.5.12 (excluding) |
| cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:* | 12.6 (including) | 12.10.4 (excluding) |
| cpe:2.3:o:watchguard:fireware:12.5.12:u1:*:*:*:*:*:* | ||
| cpe:2.3:h:watchguard:firebox_m200:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:watchguard:firebox_m300:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:watchguard:firebox_m400:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:watchguard:firebox_m500:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page