CVE-2024-6592

WatchGuard Firebox Single Sign-On Agent Protocol Authorization Bypass

CVSS 9.1 CRITICALEPSS 1.0%CWE-306

Incorrect Authorization vulnerability in the protocol communication between the WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows and the WatchGuard Single Sign-On Client on Windows and MacOS allows Authentication Bypass.This issue affects the Authentication Gateway: through 12.10.2; Windows Single Sign-On Client: through 12.7; MacOS Single Sign-On Client: through 12.5.4.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected products

WatchGuard · Authentication Gateway WatchGuard · Single Sign-On Client

public PoCs found — 1

githubgithub.com/RedTeamPentesting/watchguard-sso-client★ 3

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00014