CVE-2026-13722

Summary

WatchGuard Fireware OS contains a firmware validation bypass when processing a backup image via the backup/restore feature. An authenticated administrator can exploit this vulnerability to install a tampered firmware image.This vulnerability affects Fireware OS 11.0 up to and including 11.12.4_Update1, 12.0 up to and including 12.12 and 2025.1 up to and including 2025.6.2.

Affected Software

VendorProductVersion RangeStatus
WatchGuardFireware OS11.0 <= 11.12.4+541730affected
WatchGuardFireware OS12.0 <= 12.12affected
WatchGuardFireware OS12.5 <= 12.5.18affected
WatchGuardFireware OS2025.1 <= 2026.2affected

Weaknesses

  • CWE-347: CWE-347 Improper Verification of Cryptographic Signature

References