CVE-2025-4106

Summary

An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command.

This issue affects Fireware OS: from 12.0 before 12.11.2.

Affected Software

VendorProductVersion RangeStatus
WatchGuardFireware OS12.0 < 12.11.2affected

Weaknesses

  • CWE-489: CWE-489 Active Debug Code

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References