CVE-2022-23176
WatchGuard Firebox and XTM Privilege Escalation Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
YesDecision
Descriptions
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3.
Los dispositivos WatchGuard Firebox y XTM permiten que un atacante remoto con credenciales no privilegiadas acceda al sistema con una sesión de gestión privilegiada a través del acceso de gestión expuesto. Esta vulnerabilidad afecta al sistema operativo Fireware antes de la versión 12.7.2_U1, 12.x antes de la versión 12.1.3_U3, y 12.2.x hasta 12.5.x antes de la versión 12.5.7_U3
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-01-12 CVE Reserved
- 2022-02-24 CVE Published
- 2022-04-11 Exploited in Wild
- 2022-05-02 KEV Due Date
- 2024-01-10 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- First Exploit
CWE
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | >= 12.0.0 < 12.1.3 Search vendor "Watchguard" for product "Fireware" and version " >= 12.0.0 < 12.1.3" | - |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | >= 12.2.0 < 12.5.7 Search vendor "Watchguard" for product "Fireware" and version " >= 12.2.0 < 12.5.7" | - |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.1.3 Search vendor "Watchguard" for product "Fireware" and version "12.1.3" | - |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.1.3 Search vendor "Watchguard" for product "Fireware" and version "12.1.3" | u1 |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.1.3 Search vendor "Watchguard" for product "Fireware" and version "12.1.3" | u2 |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.5.7 Search vendor "Watchguard" for product "Fireware" and version "12.5.7" | - |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.5.7 Search vendor "Watchguard" for product "Fireware" and version "12.5.7" | u1 |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.5.7 Search vendor "Watchguard" for product "Fireware" and version "12.5.7" | u2 |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.7.2 Search vendor "Watchguard" for product "Fireware" and version "12.7.2" | - |
Affected
| ||||||