SecuriTricks - CVE-2025-12195

Description

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via specially crafted IPSec configuration CLI commands.This vulnerability affects Fireware OS 11.0 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

Product(s) Impacted

Vendor	Product	Versions
Watchguard	Fireware Firebox T115-w Firebox T125 Firebox T125-w Firebox T145 Firebox T145-w Firebox T185 Firebox M270 Firebox M290 Firebox M370 Firebox M390 Firebox M440 Firebox M4600 Firebox M470 Firebox M4800 Firebox M5600 Firebox M570 Firebox M5800 Firebox M590 Firebox M670 Firebox M690 Firebox Nv5 Firebox T20 Firebox T25 Firebox T40 Firebox T45 Firebox T55 Firebox T70 Firebox T80 Firebox T85 Fireboxcloud Fireboxv Firebox T15 Firebox T35	* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
o	watchguard	fireware	/	/	/	/	/	/	/	/
h	watchguard	firebox_t115-w	-	/	/	/	/	/	/	/
h	watchguard	firebox_t125	-	/	/	/	/	/	/	/
h	watchguard	firebox_t125-w	-	/	/	/	/	/	/	/
h	watchguard	firebox_t145	-	/	/	/	/	/	/	/
h	watchguard	firebox_t145-w	-	/	/	/	/	/	/	/
h	watchguard	firebox_t185	-	/	/	/	/	/	/	/
o	watchguard	fireware	/	/	/	/	/	/	/	/
h	watchguard	firebox_m270	-	/	/	/	/	/	/	/
h	watchguard	firebox_m290	-	/	/	/	/	/	/	/
h	watchguard	firebox_m370	-	/	/	/	/	/	/	/
h	watchguard	firebox_m390	-	/	/	/	/	/	/	/
h	watchguard	firebox_m440	-	/	/	/	/	/	/	/
h	watchguard	firebox_m4600	-	/	/	/	/	/	/	/
h	watchguard	firebox_m470	-	/	/	/	/	/	/	/
h	watchguard	firebox_m4800	-	/	/	/	/	/	/	/
h	watchguard	firebox_m5600	-	/	/	/	/	/	/	/
h	watchguard	firebox_m570	-	/	/	/	/	/	/	/
h	watchguard	firebox_m5800	-	/	/	/	/	/	/	/
h	watchguard	firebox_m590	-	/	/	/	/	/	/	/
h	watchguard	firebox_m670	-	/	/	/	/	/	/	/
h	watchguard	firebox_m690	-	/	/	/	/	/	/	/
h	watchguard	firebox_nv5	-	/	/	/	/	/	/	/
h	watchguard	firebox_t20	-	/	/	/	/	/	/	/
h	watchguard	firebox_t25	-	/	/	/	/	/	/	/
h	watchguard	firebox_t40	-	/	/	/	/	/	/	/
h	watchguard	firebox_t45	-	/	/	/	/	/	/	/
h	watchguard	firebox_t55	-	/	/	/	/	/	/	/
h	watchguard	firebox_t70	-	/	/	/	/	/	/	/
h	watchguard	firebox_t80	-	/	/	/	/	/	/	/
h	watchguard	firebox_t85	-	/	/	/	/	/	/	/
h	watchguard	fireboxcloud	-	/	/	/	/	/	/	/
h	watchguard	fireboxv	-	/	/	/	/	/	/	/
o	watchguard	fireware	/	/	/	/	/	/	/	/
h	watchguard	firebox_t15	-	/	/	/	/	/	/	/
h	watchguard	firebox_t35	-	/	/	/	/	/	/	/

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00019

CVSS Score

8.6 / 10

CVSS Data - 4.0

Attack Vector: NETWORK
Attack Complexity: LOW
Attack Requirements: NONE
Privileges Required: HIGH
User Interaction: NONE
Scope:
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Exploit Maturity: NOT_DEFINED

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

View Vector String

Timeline

Published: Dec. 4, 2025, 10:15 p.m.
Last Modified: Dec. 10, 2025, 3:56 p.m.

Status : Analyzed

CVE has had analysis completed and all data associations made.

More info

Source

5d1c2695-1a31-4499-88ae-e847036fd7e3

CVE-2025-12195