CVE-2022-25361
high-risk
Published 2022-06-07
WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
Do I need to act?
~
1.1% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.1/10
Critical
NETWORK
/ LOW complexity
Affected Products (13)
Affected Vendors
References (4)
Vendor Advisory
https://watchguard.com
Vendor Advisory
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004
Vendor Advisory
https://watchguard.com
Vendor Advisory
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004
51
/ 100
high-risk
Severity
31/34 · Critical
Exploitability
3/34 · Minimal
Exposure
17/34 · Moderate