#VU112871 Hidden functionality in WatchGuard products - CVE-2025-4106

Vulnerability identifier: #VU112871

Vulnerability risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-4106

CWE-ID: CWE-912

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Fireware OS
Operating systems & Components / Operating system
Firebox T15
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox T35
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox T20
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox T25
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox T40
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox T45
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox T55
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox T70
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox T80
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox T85
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M270
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M290
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M370
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M390
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M470
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M570
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M590
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M670
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M690
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M440
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M4600
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M4800
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M5600
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox M5800
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox Cloud
Hardware solutions / Routers & switches, VoIP, GSM, etc
Firebox NV5
Hardware solutions / Routers & switches, VoIP, GSM, etc
FireboxV
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: WatchGuard

Description

The vulnerability allows a remote user to compromise vulnerable system

The vulnerability exists due to hidden functionality (backdoor) is present in software. A remote administrator can upload a platform and version-specific diagnostic package, enable a diagnostic debug shell and execute a leftover diagnostic command.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Fireware OS: - - 12.11.2

Firebox T15: All versions

Firebox T35: All versions

Firebox T20: All versions

Firebox T25: All versions

Firebox T40: All versions

Firebox T45: All versions

Firebox T55: All versions

Firebox T70: All versions

Firebox T80: All versions

Firebox T85: All versions

Firebox M270: All versions

Firebox M290: All versions

Firebox M370: All versions

Firebox M390: All versions

Firebox M470: All versions

Firebox M570: All versions

Firebox M590: All versions

Firebox M670: All versions

Firebox M690: All versions

Firebox M440: All versions

Firebox M4600: All versions

Firebox M4800: All versions

Firebox M5600: All versions

Firebox M5800: All versions

Firebox Cloud: All versions

Firebox NV5: All versions

FireboxV: All versions

---

External links
https://jvn.jp/en/vu/JVNVU91657555/index.html
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00010

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.