CVE-2024-5974

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-5974
A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3.

7.2 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 Vendor Advisory
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*
cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*
cpe:2.3:o:watchguard:fireware:12.5.12:u1:*:*:*:*:*:*
OR cpe:2.3:h:watchguard:firebox_m200:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m300:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m400:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m500:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t10:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t10-d:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t10-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t15-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t20-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t30:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t30-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t35-r:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t35-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t40-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t50:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t50-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t55-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm1520-rp:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm1525-rp:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm2520:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm850:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm860:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm870:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm870-f:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_nv5:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_t25:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_t45:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_t85:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:xtmv:-:*:*:*:*:*:*:*
History

13 Jan 2025, 18:15

Type Values Removed Values Added
Summary (en) A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3. (en) A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3.

21 Nov 2024, 09:48

Type Values Removed Values Added
References () https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 - Vendor Advisory () https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 - Vendor Advisory

22 Aug 2024, 14:26

Type Values Removed Values Added
CPE cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t40-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t10-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_t85:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*
cpe:2.3:o:watchguard:fireware:12.5.12:u1:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:xtmv:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t35-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm2520:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t30-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m200:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t20-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_t45:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm860:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t55-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_nv5:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm870-f:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t35-r:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm870:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m400:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*
cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm1525-rp:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t50:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t15-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t50-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m500:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m300:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm1520-rp:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t10-d:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_xtm850:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxt_t25:*:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t30:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t10:-:*:*:*:*:*:*:*
First Time Watchguard fireware
Watchguard firebox T20
Watchguard fireboxt T85
Watchguard firebox Xtm850
Watchguard firebox M690
Watchguard firebox T50-w
Watchguard fireboxt Nv5
Watchguard firebox M4800
Watchguard firebox M500
Watchguard firebox Xtm870
Watchguard firebox Xtm870-f
Watchguard firebox M300
Watchguard firebox M270
Watchguard firebox M590
Watchguard firebox M470
Watchguard firebox M390
Watchguard firebox T30-w
Watchguard firebox T50
Watchguard firebox T35-r
Watchguard firebox T30
Watchguard firebox T35-w
Watchguard firebox T70
Watchguard firebox M400
Watchguard firebox M440
Watchguard firebox Xtm1520-rp
Watchguard firebox T15-w
Watchguard firebox T40-w
Watchguard firebox T10-d
Watchguard firebox M200
Watchguard firebox T10-w
Watchguard fireboxt T25
Watchguard firebox T40
Watchguard firebox M290
Watchguard firebox M5800
Watchguard firebox M570
Watchguard fireboxv
Watchguard firebox T20-w
Watchguard firebox T10
Watchguard
Watchguard fireboxt T45
Watchguard firebox T55
Watchguard xtmv
Watchguard firebox T55-w
Watchguard firebox T35
Watchguard firebox Xtm2520
Watchguard firebox M370
Watchguard firebox Xtm860
Watchguard firebox M670
Watchguard firebox Xtm1525-rp
Watchguard firebox T15
Watchguard fireboxcloud
Watchguard firebox T80
References () https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 - () https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 - Vendor Advisory

09 Jul 2024, 18:19

Type Values Removed Values Added
Summary
  • (es) Un desbordamiento del búfer en WatchGuard Fireware OS podría permitir que un atacante remoto autenticado con acceso de administración privilegiado ejecute código arbitrario con privilegios del sistema en el firewall. Este problema afecta al sistema operativo Fireware: desde 11.9.6 hasta 12.10.3.

09 Jul 2024, 03:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-09 03:15

Updated : 2025-01-13 18:15

NVD link : CVE-2024-5974

Mitre link : CVE-2024-5974

CVE.ORG link : CVE-2024-5974

JSON object : View

Products Affected

watchguard

  • xtmv
  • firebox_t50-w
  • fireboxv
  • firebox_m200
  • firebox_t35-r
  • firebox_t55-w
  • firebox_t70
  • fireboxt_t45
  • firebox_xtm2520
  • fireboxt_t85
  • firebox_m370
  • firebox_t10-w
  • firebox_m4800
  • fireboxcloud
  • firebox_t40-w
  • firebox_m440
  • firebox_t50
  • firebox_m5800
  • firebox_t35-w
  • firebox_m400
  • firebox_t30-w
  • firebox_t10-d
  • firebox_m290
  • fireware
  • firebox_xtm870-f
  • firebox_m670
  • firebox_m270
  • firebox_m390
  • firebox_t20
  • firebox_m500
  • firebox_m470
  • firebox_t30
  • firebox_t35
  • firebox_t15-w
  • firebox_t10
  • firebox_t55
  • firebox_t20-w
  • fireboxt_nv5
  • firebox_xtm860
  • firebox_xtm1520-rp
  • firebox_m690
  • firebox_t80
  • firebox_m300
  • firebox_m590
  • firebox_t40
  • firebox_xtm850
  • firebox_xtm870
  • firebox_xtm1525-rp
  • fireboxt_t25
  • firebox_m570
  • firebox_t15
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')