WatchGuard Firebox Hardcoded Fallback Encryption Key in Access Portal Resource Credential Database
Summary
| CVE | CVE-2026-13728 |
|---|---|
| State | PUBLISHED |
| Assigner | WatchGuard |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-07-03 00:16:52 UTC |
| Updated | 2026-07-09 19:45:20 UTC |
| Description | In exception circumstances, WatchGuard Fireware OS on a FireCluster may use a hard-coded encryption key to encrypt saved credentials for Access Portal resources. This vulnerability affects Fireware OS 12.1 up to and including 12.12 and 2025.1 up to and including 2026.2. This vulnerability does not affect devices that do not support the Access Portal feature or standalone Fireboxes not deployed in a FireCluster. |
Risk And Classification
Primary CVSS: v4.0 5.9 MEDIUM from 5d1c2695-1a31-4499-88ae-e847036fd7e3
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS: 0.001620000 probability, percentile 0.057360000 (date 2026-07-08)
Problem Types: CWE-798 | CWE-798 CWE-798 Use of Hard-coded Credentials
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 4.0 | 5d1c2695-1a31-4499-88ae-e847036fd7e3 | Secondary | 5.9 | MEDIUM | CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/C... |
| 4.0 | CNA | CVSS | 5.9 | MEDIUM | CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N |
| 3.1 | [email protected] | Primary | 4.4 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N |
CVSS v4.0 Breakdown
Attack Vector
NetworkAttack Complexity
LowAttack Requirements
PresentPrivileges Required
HighUser Interaction
NoneConfidentiality
HighIntegrity
NoneAvailability
NoneSub Conf.
LowSub Integrity
NoneSub Availability
NoneCVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CVSS v3.1 Breakdown
Attack Vector
NetworkAttack Complexity
HighPrivileges Required
HighUser Interaction
NoneScope
UnchangedConfidentiality
HighIntegrity
NoneAvailability
NoneCVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Watchguard | Fireboxcloud | - | All | All | All |
| Hardware | Watchguard | Fireboxv | - | All | All | All |
| Hardware | Watchguard | Firebox M270 | - | All | All | All |
| Hardware | Watchguard | Firebox M290 | - | All | All | All |
| Hardware | Watchguard | Firebox M370 | - | All | All | All |
| Hardware | Watchguard | Firebox M390 | - | All | All | All |
| Hardware | Watchguard | Firebox M440 | - | All | All | All |
| Hardware | Watchguard | Firebox M4600 | - | All | All | All |
| Hardware | Watchguard | Firebox M470 | - | All | All | All |
| Hardware | Watchguard | Firebox M4800 | - | All | All | All |
| Hardware | Watchguard | Firebox M5600 | - | All | All | All |
| Hardware | Watchguard | Firebox M570 | - | All | All | All |
| Hardware | Watchguard | Firebox M5800 | - | All | All | All |
| Hardware | Watchguard | Firebox M590 | - | All | All | All |
| Hardware | Watchguard | Firebox M670 | - | All | All | All |
| Hardware | Watchguard | Firebox M690 | - | All | All | All |
| Hardware | Watchguard | Firebox Nv5 | - | All | All | All |
| Hardware | Watchguard | Firebox T20 | - | All | All | All |
| Hardware | Watchguard | Firebox T25 | - | All | All | All |
| Hardware | Watchguard | Firebox T40 | - | All | All | All |
| Hardware | Watchguard | Firebox T45 | - | All | All | All |
| Hardware | Watchguard | Firebox T55 | - | All | All | All |
| Hardware | Watchguard | Firebox T70 | - | All | All | All |
| Hardware | Watchguard | Firebox T80 | - | All | All | All |
| Hardware | Watchguard | Firebox T85 | - | All | All | All |
| Operating System | Watchguard | Fireware | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | WatchGuard | Fireware OS | affected 12.1 12.12 semver | Not specified |
| CNA | WatchGuard | Fireware OS | affected 2025.1 2026.2 semver | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00025 | 5d1c2695-1a31-4499-88ae-e847036fd7e3 | www.watchguard.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Cody Sixteen (en)
There are currently no legacy QID mappings associated with this CVE.