CVE-2024-5974 HIGH

CVE-2024-5974: Firebox Authenticated Buffer Overflow Vulnerability

Vendor Watchguard
Product Fireware OS
Weakness CWE-120
Published July 9, 2024
Last update January 13, 2025

CVSS base score

7.2/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3.

Key dates

02Disclosure timeline

July 9, 2024 CVE published
January 13, 2025 Record updated