CVE-2025-12196

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-12196
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

7.2 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00020 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:watchguard:firebox_t115-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t125:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t125-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t145:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t145-w:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t185:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m4600:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m5600:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_nv5:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t25:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t45:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t85:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*
cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2025-12-04 22:15

Updated : 2025-12-10 15:58

NVD link : CVE-2025-12196

Mitre link : CVE-2025-12196

CVE.ORG link : CVE-2025-12196

JSON object : View

Products Affected

watchguard

  • fireware
  • firebox_t145
  • firebox_t85
  • firebox_m4600
  • firebox_m4800
  • firebox_m690
  • firebox_t185
  • firebox_t55
  • firebox_t145-w
  • firebox_m370
  • firebox_t125
  • fireboxv
  • firebox_m570
  • firebox_m5800
  • firebox_t20
  • firebox_m670
  • firebox_t115-w
  • firebox_t15
  • firebox_t35
  • firebox_m390
  • firebox_t80
  • firebox_t25
  • firebox_m270
  • fireboxcloud
  • firebox_t45
  • firebox_t125-w
  • firebox_m290
  • firebox_m440
  • firebox_m5600
  • firebox_nv5
  • firebox_t40
  • firebox_t70
  • firebox_m470
  • firebox_m590
CWE
CWE-787

Out-of-bounds Write