#VU112871 Hidden functionality in WatchGuard products - CVE-2025-4106
Published: July 14, 2025
Vulnerability identifier: #VU112871
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-4106
CWE-ID: CWE-912
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Fireware OS
Firebox T15
Firebox T35
Firebox T20
Firebox T25
Firebox T40
Firebox T45
Firebox T55
Firebox T70
Firebox T80
Firebox T85
Firebox M270
Firebox M290
Firebox M370
Firebox M390
Firebox M470
Firebox M570
Firebox M590
Firebox M670
Firebox M690
Firebox M440
Firebox M4600
Firebox M4800
Firebox M5600
Firebox M5800
Firebox Cloud
Firebox NV5
FireboxV
Software vendor:
WatchGuard
Description
The vulnerability allows a remote user to compromise the vulnerable system.
The vulnerability exists because hidden functionality (a backdoor) is present in the software. A remote administrator can upload a platform- and version-specific diagnostic package, enable a diagnostic debug shell and execute a leftover diagnostic command.
Remediation
Install updates from the vendor's website.