Today CISA announced that it had added an out-of-bounds write vulnerability in the WatchGuard Firebox to their Known Exploited Vulnerabilities (KEV) catalog. WatchGuard published their advisory for the vulnerability yesterday, and updated that advisory with indicators of exploit information. WatchGuard has new versions that mitigate the vulnerability.
CISA has directed federal agencies that use the affected devices
to apply mitigations per vendor
instructions, follow applicable BOD 22-01 guidance for cloud services, or
discontinue use of the product if mitigations are unavailable. A deadline was
set for December 26th, 2025, to accomplish those actions.
Posts
No comments:
Post a Comment