漏洞概述 漏洞名称: WatchGuard Firebox Firmware Image Validation Bypass in WatchGuard Fireware OS CVE编号: CVE-2026-13722 CVSS评分: 8.6 CVSS向量: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/V:C/H/V:H/SC:N/S:N/SA:N 状态: 已解决 发布日期: 2026-07-02 更新日期: 2026-07-02 工作区可用: 否 影响范围 受影响产品: Firebox 受影响版本: - Fireware OS 11.0 up to and including 11.12.4, Update1 - 12.0 up to and including 12.12 - 12.5 up to and including 12.5.18 - 2025.1 up to and including 2026.2 修复方案 已解决版本: - 2025.1 -> 2026.2.1 - 12.x -> 12.12.1 - 12.5.x (T15 & T35 models) -> 未解决 - 11.x -> 生命周期结束 受影响产品列表 Firebox: - Fireware OS 12.5.x: T15, T35 - Fireware OS 2025.1.x: T115-W, T125, T125-W, T145, T145-W, T185, M295, M395, M495, M595, M695 - Fireware OS 12.x: T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M460, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV 总结 该漏洞允许经过身份验证的管理员通过备份/恢复功能安装篡改的固件镜像。建议尽快升级到已解决的版本以修复此漏洞。