Use-after-free in Fireware OS - CVE-2026-13368

 

Published: July 3, 2026


Vulnerability identifier: #VU136892
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2026-13368
CWE-ID: CWE-416
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: WatchGuard
Affected software:
Fireware OS

Detailed vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to a use-after-free error in LDAP authentication for the Mobile User VPN with IKEv2 when handling authentication requests. A remote attacker can send crafted authentication traffic to execute arbitrary code.

Only Fireboxes configured to use an external LDAP authentication server for Mobile VPN with IKEv2 are vulnerable.


How to mitigate CVE-2026-13368

Install the security update from the vendor's website.
