Hidden functionality in WatchGuard products - CVE-2025-4106
Published: July 14, 2025
Vulnerability identifier: #VU112871
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-4106
CWE-ID: CWE-912
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: WatchGuard
Affected software:
Fireware OS
Firebox T15
Firebox T35
Firebox T20
Firebox T25
Firebox T40
Firebox T45
Firebox T55
Firebox T70
Firebox T80
Firebox T85
Firebox M270
Firebox M290
Firebox M370
Firebox M390
Firebox M470
Firebox M570
Firebox M590
Firebox M670
Firebox M690
Firebox M440
Firebox M4600
Firebox M4800
Firebox M5600
Firebox M5800
Firebox Cloud
Firebox NV5
FireboxV
Fireware OS
Firebox T15
Firebox T35
Firebox T20
Firebox T25
Firebox T40
Firebox T45
Firebox T55
Firebox T70
Firebox T80
Firebox T85
Firebox M270
Firebox M290
Firebox M370
Firebox M390
Firebox M470
Firebox M570
Firebox M590
Firebox M670
Firebox M690
Firebox M440
Firebox M4600
Firebox M4800
Firebox M5600
Firebox M5800
Firebox Cloud
Firebox NV5
FireboxV
Detailed vulnerability description
The vulnerability allows a remote user to compromise vulnerable system
The vulnerability exists due to hidden functionality (backdoor) is present in software. A remote administrator can upload a platform and version-specific diagnostic package, enable a diagnostic debug shell and execute a leftover diagnostic command.
How to mitigate CVE-2025-4106
Install updates from vendor's website.