Vulnerabilities > Watchguard
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-25 | CVE-2024-6592 | Incorrect Authorization vulnerability in Watchguard Authentication Gateway and Single Sign-On Client Incorrect Authorization vulnerability in the protocol communication between the WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows and the WatchGuard Single Sign-On Client on Windows and MacOS allows Authentication Bypass.This issue affects the Authentication Gateway: through 12.10.2; Windows Single Sign-On Client: through 12.7; MacOS Single Sign-On Client: through 12.5.4. | 9.1 |
| 2024-09-25 | CVE-2024-6593 | Incorrect Authorization vulnerability in Watchguard Authentication Gateway Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows allows an attacker with network access to execute restricted management commands. This issue affects Authentication Gateway: through 12.10.2. | 9.1 |
| 2024-09-25 | CVE-2024-6594 | Improper Handling of Exceptional Conditions vulnerability in Watchguard Single Sign-On Client Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. | 7.5 |
| 2024-07-09 | CVE-2024-4944 | Command Injection vulnerability in Watchguard Mobile VPN With SSL A local privilege escalation vlnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileged. | 7.8 |
| 2024-07-09 | CVE-2024-5974 | Classic Buffer Overflow vulnerability in Watchguard Fireware A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3. | 7.2 |
| 2023-10-05 | CVE-2023-26236 | Unspecified vulnerability in Watchguard products An issue was discovered in WatchGuard EPDR 8.0.21.0002. | 7.8 |
| 2023-10-05 | CVE-2023-26237 | Authorization Bypass Through User-Controlled Key vulnerability in Watchguard products An issue was discovered in WatchGuard EPDR 8.0.21.0002. | 6.7 |
| 2023-10-05 | CVE-2023-26238 | Unspecified vulnerability in Watchguard products An issue was discovered in WatchGuard EPDR 8.0.21.0002. | 5.5 |
| 2023-10-05 | CVE-2023-26239 | Improper Check for Dropped Privileges vulnerability in Watchguard products An issue was discovered in WatchGuard EPDR 8.0.21.0002. | 5.5 |
| 2023-07-13 | CVE-2023-37849 | Uncontrolled Search Path Element vulnerability in Watchguard Panda Security VPN A DLL hijacking vulnerability in Panda Security VPN for Windows prior to version v15.14.8 allows attackers to execute arbitrary code via placing a crafted DLL file in the same directory as PANDAVPN.exe. | 6.5 |