A cloud-native network security solution that provides enterprise-grade security features including firewall, IPS, antivirus, and VPN capabilities for cloud environments. WatchGuard Firebox Cloud is designed to protect workloads running in public cloud platforms like AWS and Azure, offering unified security management and policy enforcement across hybrid infrastructures.

WatchGuard Firebox

A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2022-31789	CRITICAL	9.8	WatchGuard Firebox	cpe:2.3:o:watchguard:fireware	No	Yes	Sep 06, 2022
CVE-2025-9242	CRITICAL	9.3	WatchGuard Firebox	cpe:2.3:o:watchguard:fireware	No	Yes	Sep 17, 2025
CVE-2022-31791	HIGH	7.8	WatchGuard Firebox	cpe:2.3:o:watchguard:fireware	No	Yes	Sep 06, 2022
CVE-2024-5974	HIGH	7.2	WatchGuard Firebox	cpe:2.3:o:watchguard:fireware	No	Yes	Jul 09, 2024
CVE-2022-31792	MEDIUM	5.4	WatchGuard Firebox	cpe:2.3:o:watchguard:fireware	No	Yes	Sep 06, 2022

CVE-2022-31792:
WatchGuard Firebox vulnerability analysis and mitigation

5.4

Related WatchGuard Firebox vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2022-31792: WatchGuard Firebox vulnerability analysis and mitigation