CVE-2026-3344 Watchguard — Exploit & Vulnerability Details MEDIUM

Parameter	Value
CVSS	6.9 (MEDIUM)
Affected Versions	12.0 — 2026.1.2
Fixed In	12.11.8
Type	CWE-440
Vendor	Watchguard
Public PoC	No

A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and maintain limited persistence via a maliciously-crafted firmware update package.This issue affects Fireware OS 12.0 up to and including 12.11.7, 12.5.9 up to and including 12.5.16, and 2025.1 up to and including 2026.1.1.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Attack Requirements

None

No additional conditions

Privileges Required

High

Admin privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

None

No data leak

Integrity

High

Complete data modification

Availability

None

No disruption

CVSS Vector v4.0

Weakness Type (CWE)

CWE-440

Vulnerable Products 41

Configuration	From (including)	Up to (excluding)
Watchguard Fireware cpe:2.3:o:watchguard:fireware::::::::	`12.0`	`12.11.8`
Watchguard Firebox_M270 cpe:2.3:h:watchguard:firebox_m270:-:::::::*	—	—
Watchguard Firebox_M290 cpe:2.3:h:watchguard:firebox_m290:-:::::::*	—	—
Watchguard Firebox_M370 cpe:2.3:h:watchguard:firebox_m370:-:::::::*	—	—
Watchguard Firebox_M390 cpe:2.3:h:watchguard:firebox_m390:-:::::::*	—	—
Watchguard Firebox_M440 cpe:2.3:h:watchguard:firebox_m440:-:::::::*	—	—
Watchguard Firebox_M4600 cpe:2.3:h:watchguard:firebox_m4600:-:::::::*	—	—
Watchguard Firebox_M470 cpe:2.3:h:watchguard:firebox_m470:-:::::::*	—	—
Watchguard Firebox_M4800 cpe:2.3:h:watchguard:firebox_m4800:-:::::::*	—	—
Watchguard Firebox_M5600 cpe:2.3:h:watchguard:firebox_m5600:-:::::::*	—	—
Watchguard Firebox_M570 cpe:2.3:h:watchguard:firebox_m570:-:::::::*	—	—
Watchguard Firebox_M5800 cpe:2.3:h:watchguard:firebox_m5800:-:::::::*	—	—
Watchguard Firebox_M590 cpe:2.3:h:watchguard:firebox_m590:-:::::::*	—	—
Watchguard Firebox_M670 cpe:2.3:h:watchguard:firebox_m670:-:::::::*	—	—
Watchguard Firebox_M690 cpe:2.3:h:watchguard:firebox_m690:-:::::::*	—	—
Watchguard Firebox_Nv5 cpe:2.3:h:watchguard:firebox_nv5:-:::::::*	—	—
Watchguard Firebox_T20 cpe:2.3:h:watchguard:firebox_t20:-:::::::*	—	—
Watchguard Firebox_T25 cpe:2.3:h:watchguard:firebox_t25:-:::::::*	—	—
Watchguard Firebox_T40 cpe:2.3:h:watchguard:firebox_t40:-:::::::*	—	—
Watchguard Firebox_T45 cpe:2.3:h:watchguard:firebox_t45:-:::::::*	—	—
Watchguard Firebox_T55 cpe:2.3:h:watchguard:firebox_t55:-:::::::*	—	—
Watchguard Firebox_T70 cpe:2.3:h:watchguard:firebox_t70:-:::::::*	—	—
Watchguard Firebox_T80 cpe:2.3:h:watchguard:firebox_t80:-:::::::*	—	—
Watchguard Firebox_T85 cpe:2.3:h:watchguard:firebox_t85:-:::::::*	—	—
Watchguard Fireboxcloud cpe:2.3:h:watchguard:fireboxcloud:-:::::::*	—	—
Watchguard Fireboxv cpe:2.3:h:watchguard:fireboxv:-:::::::*	—	—
Watchguard Fireware cpe:2.3:o:watchguard:fireware::::::::	`12.5.9`	`12.5.17`
Watchguard Firebox_T15 cpe:2.3:h:watchguard:firebox_t15:-:::::::*	—	—
Watchguard Firebox_T35 cpe:2.3:h:watchguard:firebox_t35:-:::::::*	—	—
Watchguard Fireware cpe:2.3:o:watchguard:fireware::::::::	`2025.1`	`2026.1.2`
Watchguard Firebox_M295 cpe:2.3:h:watchguard:firebox_m295:-:::::::*	—	—
Watchguard Firebox_M395 cpe:2.3:h:watchguard:firebox_m395:-:::::::*	—	—
Watchguard Firebox_M495 cpe:2.3:h:watchguard:firebox_m495:-:::::::*	—	—
Watchguard Firebox_M595 cpe:2.3:h:watchguard:firebox_m595:-:::::::*	—	—
Watchguard Firebox_M695 cpe:2.3:h:watchguard:firebox_m695:-:::::::*	—	—
Watchguard Firebox_T115-W cpe:2.3:h:watchguard:firebox_t115-w:-:::::::*	—	—
Watchguard Firebox_T125 cpe:2.3:h:watchguard:firebox_t125:-:::::::*	—	—
Watchguard Firebox_T125-W cpe:2.3:h:watchguard:firebox_t125-w:-:::::::*	—	—
Watchguard Firebox_T145 cpe:2.3:h:watchguard:firebox_t145:-:::::::*	—	—
Watchguard Firebox_T145-W cpe:2.3:h:watchguard:firebox_t145-w:-:::::::*	—	—
Watchguard Firebox_T185 cpe:2.3:h:watchguard:firebox_t185:-:::::::*	—	—

References 1

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00005

5d1c2695-1a31-4499-88ae-e847036fd7e3

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-3343

Watchguard

5.1

CVE-2026-3342

Watchguard

8.6

CVE-2025-1549

Watchguard

6.3

CVE-2025-4106

Watchguard

8.9

Menu

CVE-2026-3344

Attack Parameters

Impact Assessment

CVSS Vector v4.0

Weakness Type (CWE)

Vulnerable Products 41

References 1

Related Vulnerabilities

CVE-2026-3343

CVE-2026-3342

CVE-2025-1549

CVE-2025-4106

CVE Details

Editor's Choice

Menu

CVE-2026-3344

Attack Parameters

Impact Assessment

CVSS Vector v4.0

Weakness Type (CWE)

Vulnerable Products 41

References 1

Related Vulnerabilities

CVE-2026-3343

CVE-2026-3342

CVE-2025-1549

CVE-2025-4106

CVE Details

Editor's Choice

Stay informed on cybersecurity