Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-13940

An Expected Behavior Violation [CWE-440] vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity check and prevent the Firebox from shutting down in the event of a system integrity check failure. The on-demand system integrity check in the Fireware Web UI will correctly show a failed system integrity check message in the event of a failure.This issue affects Fireware OS: from 12.8.1 through 12.11.4, from 2025.1 through 2025.1.2.

Published

2025-12-04T22:15:48.140

Last Modified

2025-12-10T16:04:47.177

Status

Analyzed

Source

5d1c2695-1a31-4499-88ae-e847036fd7e3

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-440

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	watchguard	fireware	< 2025.1.3	Yes
Hardware	watchguard	firebox_t115-w	-	No
Hardware	watchguard	firebox_t125	-	No
Hardware	watchguard	firebox_t125-w	-	No
Hardware	watchguard	firebox_t145	-	No
Hardware	watchguard	firebox_t145-w	-	No
Hardware	watchguard	firebox_t185	-	No
Operating System	watchguard	fireware	< 12.11.5	Yes
Hardware	watchguard	firebox_m270	-	No
Hardware	watchguard	firebox_m290	-	No
Hardware	watchguard	firebox_m370	-	No
Hardware	watchguard	firebox_m390	-	No
Hardware	watchguard	firebox_m440	-	No
Hardware	watchguard	firebox_m4600	-	No
Hardware	watchguard	firebox_m470	-	No
Hardware	watchguard	firebox_m4800	-	No
Hardware	watchguard	firebox_m5600	-	No
Hardware	watchguard	firebox_m570	-	No
Hardware	watchguard	firebox_m5800	-	No
Hardware	watchguard	firebox_m590	-	No
Hardware	watchguard	firebox_m670	-	No
Hardware	watchguard	firebox_m690	-	No
Hardware	watchguard	firebox_nv5	-	No
Hardware	watchguard	firebox_t20	-	No
Hardware	watchguard	firebox_t25	-	No
Hardware	watchguard	firebox_t40	-	No
Hardware	watchguard	firebox_t45	-	No
Hardware	watchguard	firebox_t55	-	No
Hardware	watchguard	firebox_t70	-	No
Hardware	watchguard	firebox_t80	-	No
Hardware	watchguard	firebox_t85	-	No
Hardware	watchguard	fireboxcloud	-	No
Hardware	watchguard	fireboxv	-	No

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00026 Vendor Advisory (5d1c2695-1a31-4499-88ae-e847036fd7e3)