【資安漏洞預警】WatchGuard Firebox 存在重大資安漏洞(CVE-2026-13368)
【Security Vulnerability Alert】WatchGuard Firebox has a critical security vulnerability (CVE-2026-13368)

發布單位:圖資處數位服務組
日期範圍:2026/7/9 ~ 2027/1/9
 
發布單位:圖資處數位服務組
日期範圍:2026/7/9 ~ 2027/1/9
行政 行政公告
全體

轉發 台灣電腦網路危機處理暨協調中心 資安訊息警訊 TWCERTCC-200-202607-00000002

[內容說明]
WatchGuard Firebox 是一款次世代防火牆產品,提供多層次防護,包括防毒、IPS、APT 阻擋及垃圾郵件過濾。近日WatchGuard發布重大資安漏洞公告(CVE-2026-13368,CVSS 4.x:9.2),該漏洞源於 Mobile User VPN with IKEv2 的 LDAP 驗證機制存在競爭條件(Race Condition),進而造成釋放後使用(Use-After-Free)漏洞。
若 Firebox 已設定 Mobile User VPN with IKEv2 並使用外部 LDAP 驗證伺服器,未經身分驗證的遠端攻擊者可利用此漏洞,以iked進程的上下文中執行任意程式碼。

[影響平台]
Fireware OS 2025.1 版本
Fireware OS 12.x 版本
Fireware OS 12.5.x (T15&T13) 版本
Fireware OS 11.x 版本

[建議措施]
請更新至以下版本:Fireware OS 2026.2.1版本、Fireware OS 12.12.1版本

[參考資料]
1. https://www.twcert.org.tw/tw/cp-169-11022-eee7d-1.html

Forwarded Taiwan Computer Emergency Response Team / Coordination Center Security Advisory Alert TWCERTCC-200-202607-00000002

[Description]
WatchGuard Firebox is a next-generation firewall product that provides multi-layered protection, including antivirus, IPS, APT blocking, and spam filtering. Recently, WatchGuard released a critical security vulnerability advisory (CVE-2026-13368,CVSS 4.x:9.2). This vulnerability originates from a race condition in the LDAP authentication mechanism of Mobile User VPN with IKEv2, leading to a use-after-free vulnerability.
If Firebox has Mobile User VPN with IKEv2 configured and uses an external LDAP authentication server, unauthenticated remote attackers can exploit this vulnerability to execute arbitrary code in the context of the iked process.

[Affected Platform]
Fireware OS 2025.1 version
Fireware OS 12.x version
Fireware OS 12.5.x (T15&T13) version
Fireware OS 11.x version

[Recommendations]
Please update to the following versions: Fireware OS 2026.2.1 version, Fireware OS 12.12.1 version

[References]
1.https://www.twcert.org.tw/tw/cp-169-11022-eee7d-1.html


相關附件
※為降低附件原始檔案遭搜尋引擎索引之風險,公告附件將由瀏覽器先下載至本機暫存後再開啟。請確認使用環境安全後,再決定是否開啟附件。
system_update_alt參考資料
Top↑