Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3244 articles · 170315 vulns · 37/41 feeds (7d)
← Back to list
—
CVE-2026-13728EXPLOITEDPATCHED
watchguard · fireware os

WatchGuard Firebox Hardcoded Fallback Encryption Key in Access Portal Resource Credential Database

Description

A vulnerability was found in WatchGuard Fireware OS up to 12.12/2026.2. It has been declared as critical. Impacted is an unknown function of the component Access Portal Feature. Executing a manipulation can lead to hard-coded credentials. This vulnerability appears as CVE-2026-13728. The attack may be performed from remote.

Affected Products

VendorProductVersions
watchguardfireware os12.1, 2025.1

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
watchguardfireboxcert_advisory90%

References

  • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00025(vendor-advisory)

Related News (2 articles)

Tier B
BSI Advisories4h ago
[NEU] [hoch] WatchGuard Firebox: Mehrere Schwachstellen
→ No new info (linked only)
Tier C
VulDB10h ago
CVE-2026-13728 | WatchGuard Fireware OS up to 12.12/2026.2 Access Portal Feature hard-coded credentials (wgsa-2026-00025)
→ No new info (linked only)
CISA KEV❌ No
Actively exploited✅ Yes
Patch available
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00025
CWECWE-798
PublishedJul 2, 2026
Last enriched10h agov2
Trending Score60
Source articles2
Independent2
Info Completeness8/14
Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

CRITICALCVE-2026-13722EXP
WatchGuard Firebox Firmware Image Validation Bypass in WatchGuard Fireware OS
Trending: 60
CRITICALCVE-2026-13384EXP
WatchGuard Firebox wgagent Out of Bounds Write Vulnerability
Trending: 60
CRITICALCVE-2026-13383EXP
WatchGuard Firebox ikestubd Out of Bounds Write Vulnerability
Trending: 60
CRITICALCVE-2026-13054EXP
WatchGuard Firebox Arbitrary File Write via Path Traversal in Management Web UI
Trending: 60
CRITICALCVE-2026-13050EXP
WatchGuard Firebox networkd Out of Bounds Write Vulnerability
Trending: 60

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jul 2, 2026
Actively Exploited
Jul 2, 2026
Patch Available
Jul 2, 2026
Discovered by ZDM
Jul 2, 2026
Updated: description, severity, activelyExploited
Jul 3, 2026

Version History

v2
Last enriched 10h ago
v2Tier C10h ago

Updated severity to CRITICAL, marked as actively exploited, and corrected exploit availability to false.

descriptionseverityactivelyExploited
via VulDB
v115h ago

Initial creation