Unrated severityNVD Advisory· Published Mar 30, 2026· Updated Mar 31, 2026

WatchGuard Firebox Insecure Deserialization in Fireware Access Portal

CVE-2026-4266

Description

An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in the context of the portald user.This issue affects Fireware OS: 12.1 through 12.11.8 and 2025.1 through 2026.1.2.

Note, this vulnerability does not affect Firebox platforms that do not support the Access Portal feature, including the T-15 and T-35.

Affected products

WatchGuard/Firewarellm-fuzzy
Range: >=12.1 <=12.11.8, >=2025.1 <=2026.1.2
WatchGuard/Fireware OSv5
Range: 12.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00007mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000