CVE-2026-3344 MEDIUM

CVE-2026-3344: WatchGuard Firebox System Integrity Check Bypass

Vendor Watchguard
Product Fireware OS
Weakness CWE-440
Published March 3, 2026
Last update March 4, 2026

CVSS base score

6.9/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and maintain limited persistence via a maliciously-crafted firmware update package.This issue affects Fireware OS 12.0 up to and including 12.11.7, 12.5.9 up to and including 12.5.16, and 2025.1 up to and including 2026.1.1.

Key dates

02Disclosure timeline

March 3, 2026 CVE published
March 4, 2026 Record updated