CVE-2022-23176
CVE-2022-23176
In short
A flaw in WatchGuard firewalls allows someone with basic login credentials to gain full administrative control of the device, bypassing normal access restrictions.
Technical detail
The vulnerability exists in the management interface of affected Firebox and XTM appliances, where unprivileged authenticated users can escalate to privileged management sessions through exposed management access paths. This authentication bypass affects Fireware OS versions before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3, allowing complete compromise of firewall configuration and operation.
Summary generated and translated by AI from the official description.
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/https://securityportal.watchguard.comhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-23176https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_1_3_U7/index.html#Fireware/en-US/resolved_issues.htmlhttps://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.htmlhttps://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7/index.html#Fireware/en-US/resolved_issues.html