CVE-2024-5974: Firebox Authenticated Buffer Overflow Vulnerability
First published: Tue Jul 09 2024(Updated: )
A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3.
Credit: 5d1c2695-1a31-4499-88ae-e847036fd7e3
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| WatchGuard Fireware OS | >=11.9.4<12.5.12 | |
| WatchGuard Fireware OS | >=12.6<12.10.4 | |
| WatchGuard Fireware OS | =12.5.12-u1 | |
| Any of | ||
| Watchguard Firebox M200 | ||
| Watchguard Firebox M270 | ||
| Watchguard Firebox M290 | ||
| Watchguard Firebox M300 | ||
| Watchguard Firebox M370 | ||
| Watchguard Firebox M390 | ||
| Watchguard Firebox M400 | ||
| Watchguard Firebox M440 | ||
| Watchguard Firebox M470 | ||
| Watchguard Firebox M4800 | ||
| Watchguard Firebox M500 | ||
| Watchguard Firebox M570 | ||
| Watchguard Firebox M5800 | ||
| Watchguard Firebox M590 | ||
| Watchguard Firebox M670 | ||
| Watchguard Firebox M690 | ||
| Watchguard Firebox T10 | ||
| Watchguard Firebox T10-d | ||
| Watchguard Firebox T10-w | ||
| Watchguard Firebox T15 | ||
| Watchguard Firebox T15-w | ||
| Watchguard Firebox T20 | ||
| Watchguard Firebox T20-w | ||
| Watchguard Firebox T30 | ||
| Watchguard Firebox T30-w | ||
| Watchguard Firebox T35 | ||
| Watchguard Firebox T35-r | ||
| Watchguard Firebox T35-w | ||
| Watchguard Firebox T40 | ||
| Watchguard Firebox T40-w | ||
| Watchguard Firebox T50 | ||
| Watchguard Firebox T50-w | ||
| Watchguard Firebox T55 | ||
| Watchguard Firebox T55-w | ||
| Watchguard Firebox T70 | ||
| Watchguard Firebox T80 | ||
| Watchguard Firebox Xtm1520-rp | ||
| Watchguard Firebox Xtm1525-rp | ||
| Watchguard Firebox Xtm2520 | ||
| Watchguard Firebox Xtm850 | ||
| Watchguard Firebox Xtm860 | ||
| Watchguard Firebox Xtm870 | ||
| Watchguard Firebox Xtm870-f | ||
| Watchguard Fireboxcloud | ||
| Watchguard Fireboxt Nv5 | ||
| Watchguard Fireboxt T25 | ||
| Watchguard Fireboxt T45 | ||
| Watchguard Fireboxt T85 | ||
| Watchguard Fireboxv | ||
| Watchguard Xtmv |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-5974?
CVE-2024-5974 has a high severity rating due to its potential for remote code execution on affected WatchGuard Fireware systems.
How do I fix CVE-2024-5974?
To fix CVE-2024-5974, you should upgrade your WatchGuard Fireware OS to a version that is not affected, specifically above 12.10.4 or 12.5.12-u1.
Which versions of WatchGuard Fireware OS are affected by CVE-2024-5974?
CVE-2024-5974 affects WatchGuard Fireware OS versions from 11.9.6 to 12.10.3.
Who can exploit CVE-2024-5974?
CVE-2024-5974 can be exploited by authenticated remote attackers with privileged management access.
What vulnerabilities does CVE-2024-5974 present?
CVE-2024-5974 presents a buffer overflow vulnerability that allows execution of arbitrary code with system privileges on the firewall.
- agent/title
- agent/weakness
- agent/references
- agent/type
- agent/first-publish-date
- agent/author
- agent/severity
- agent/event
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/description
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/watchguard
- canonical/watchguard fireware os
- version/watchguard fireware os/11.9.4
- version/watchguard fireware os/12.6
- version/watchguard fireware os/12.5.12-u1
- canonical/watchguard firebox m200
- canonical/watchguard firebox m270
- canonical/watchguard firebox m290
- canonical/watchguard firebox m300
- canonical/watchguard firebox m370
- canonical/watchguard firebox m390
- canonical/watchguard firebox m400
- canonical/watchguard firebox m440
- canonical/watchguard firebox m470
- canonical/watchguard firebox m4800
- canonical/watchguard firebox m500
- canonical/watchguard firebox m570
- canonical/watchguard firebox m5800
- canonical/watchguard firebox m590
- canonical/watchguard firebox m670
- canonical/watchguard firebox m690
- canonical/watchguard firebox t10
- canonical/watchguard firebox t10-d
- canonical/watchguard firebox t10-w
- canonical/watchguard firebox t15
- canonical/watchguard firebox t15-w
- canonical/watchguard firebox t20
- canonical/watchguard firebox t20-w
- canonical/watchguard firebox t30
- canonical/watchguard firebox t30-w
- canonical/watchguard firebox t35
- canonical/watchguard firebox t35-r
- canonical/watchguard firebox t35-w
- canonical/watchguard firebox t40
- canonical/watchguard firebox t40-w
- canonical/watchguard firebox t50
- canonical/watchguard firebox t50-w
- canonical/watchguard firebox t55
- canonical/watchguard firebox t55-w
- canonical/watchguard firebox t70
- canonical/watchguard firebox t80
- canonical/watchguard firebox xtm1520-rp
- canonical/watchguard firebox xtm1525-rp
- canonical/watchguard firebox xtm2520
- canonical/watchguard firebox xtm850
- canonical/watchguard firebox xtm860
- canonical/watchguard firebox xtm870
- canonical/watchguard firebox xtm870-f
- canonical/watchguard fireboxcloud
- canonical/watchguard fireboxt nv5
- canonical/watchguard fireboxt t25
- canonical/watchguard fireboxt t45
- canonical/watchguard fireboxt t85
- canonical/watchguard fireboxv
- canonical/watchguard xtmv