DIVD-2022-00022 - WatchGuard Firebox and XTM appliance ACE vulnerability

Our reference DIVD-2022-00022
Case lead Victor Gevers
Author Max van der Horst
Researcher(s)
CVE(s)
Product WatchGuard Firebox & XTM
Versions Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8 and 12.2.x through 12.5.x before 12.5.9.U2.
Recommendation Scan your system with the WSM Cyclops Blink Detector to verify whether or not you have been compromised and patch your system accordingly.
Patch status Available
Status Closed
Last modified 03 Nov 2022 12:37 CET

Summary

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code. This vulnerability is being actively exploited, and it is advised to use the Cyclops Blink Detector to verify your system has not been compromised.

What you can do

What we are doing

Timeline

Date Description
29 Mar 2022 DIVD starts investigating the scope and impact of the vulnerability.
29 Mar 2022 First version of this case file.
31 Oct 2022 Decision made to close this case as a non intrusive detection was impossible.
gantt title DIVD-2022-00022 - WatchGuard Firebox and XTM appliance ACE vulnerability dateFormat YYYY-MM-DD axisFormat %e %b %Y section Case DIVD-2022-00022 - WatchGuard Firebox and XTM appliance ACE vulnerability (216 days) :2022-03-29, 2022-10-31 section Events DIVD starts investigating the scope and impact of the vulnerability. : milestone, 2022-03-29, 0d First version of this case file. : milestone, 2022-03-29, 0d Decision made to close this case as a non intrusive detection was impossible. : milestone, 2022-10-31, 0d

More information