CVE-2022-23176: WatchGuard Firebox and XTM Privilege Escalation Vulnerability
First published: Thu Feb 24 2022(Updated: )
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| WatchGuard Fireware | >=12.0.0<12.1.3 | |
| WatchGuard Fireware | >=12.2.0<12.5.7 | |
| WatchGuard Fireware | =12.1.3 | |
| WatchGuard Fireware | =12.1.3-u1 | |
| WatchGuard Fireware | =12.1.3-u2 | |
| WatchGuard Fireware | =12.5.7 | |
| WatchGuard Fireware | =12.5.7-u1 | |
| WatchGuard Fireware | =12.5.7-u2 | |
| WatchGuard Fireware | =12.7.2 | |
| WatchGuard Firebox and XTM | ||
| >=12.0.0<12.1.3 | ||
| >=12.2.0<12.5.7 | ||
| =12.1.3 | ||
| =12.1.3-u1 | ||
| =12.1.3-u2 | ||
| =12.5.7 | ||
| =12.5.7-u1 | ||
| =12.5.7-u2 | ||
| =12.7.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/
- https://securityportal.watchguard.com
- https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_1_3_U7/index.html#Fireware/en-US/resolved_issues.html
- https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7/index.html#Fireware/en-US/resolved_issues.html
- https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html
- https://nvd.nist.gov/vuln/detail/CVE-2022-23176
Frequently Asked Questions
What is CVE-2022-23176?
CVE-2022-23176 is a vulnerability that allows a remote attacker with unprivileged credentials to access the WatchGuard Firebox and XTM appliances with a privileged management session via exposed management access.
How does CVE-2022-23176 impact WatchGuard Firebox and XTM appliances?
CVE-2022-23176 impacts Fireware OS versions before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7, allowing a remote attacker to gain privileged access to the system.
What is the severity of CVE-2022-23176?
CVE-2022-23176 has a severity score of 8.8 (Critical).
How can I fix CVE-2022-23176?
To fix CVE-2022-23176, it is recommended to update Fireware OS to version 12.7.2_U1, 12.1.3_U3, or 12.5.7 or higher, as provided by WatchGuard.
Where can I find more information about CVE-2022-23176?
More information about CVE-2022-23176 can be found on the WatchGuard website and in the release notes for Fireware OS version 12.1.3_U7.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- agent/title
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/references
- agent/tags
- collector/nvd-cve
- source/NVD
- vendor/watchguard
- canonical/watchguard fireware
- version/watchguard fireware/12.0.0
- version/watchguard fireware/12.2.0
- version/watchguard fireware/12.1.3
- version/watchguard fireware/12.1.3-u1
- version/watchguard fireware/12.1.3-u2
- version/watchguard fireware/12.5.7
- version/watchguard fireware/12.5.7-u1
- version/watchguard fireware/12.5.7-u2
- version/watchguard fireware/12.7.2
- canonical/watchguard firebox and xtm