CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

WatchGuard security advisory (AV26-649)

unknown
Serial number: AV26-649 Date: July 3, 2026 On July 2, 2026, WatchGuard published security advisories to address vulnerabilities in the following products: Fireware OS 2025.1 – version 2026.2 and prior Fireware OS 11.x - version 11.12.4_Update1 and prior Fireware OS 12.0 – version 12.12 and prior Fireware OS 12.5 – version 12.5.18 and prior Mobile VPN with SSL client for Windows – version 2026.2 and prior The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates. WatchGuard Firebox Race Condition and Use-After-Free in Mobile VPN with IKEv2 LDAP Authentication WatchGuard Mobile VPN with SSL Windows Client Local Privilege Escalation WatchGuard Security Advisories

CSIRTS triage

What
Vulnerabilities in Fireware OS can lead to local privilege escalation and other security issues.
Who is affected
Deployments of the specified versions of Fireware OS are affected.
Urgency
Remediation is urgent due to the potential for local privilege escalation.
Action
Update Fireware OS to the latest versions.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch Fireware OS

Get an email when a new Fireware OS advisory drops — max one per day, one-click unsubscribe.

Details

Source
Canadian Centre for Cyber Security (CA · national-cert · site)
Severity
unknown
Published
2026-07-03
Exploitation
Not in CISA KEV at last sync

Original advisory: https://cyber.gc.ca/en/alerts-advisories/watchguard-security-advisory-av26-649

More from Canadian Centre for Cyber Security