1. Home
  2. CVE Database
  3. CVE-2025-13940
MEDIUM · 5.5

CVE-2025-13940

An Expected Behavior Violation [CWE-440] vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity check and prevent the Firebox from shutting ...

Vulnerability Description

An Expected Behavior Violation [CWE-440] vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity check and prevent the Firebox from shutting down in the event of a system integrity check failure. The on-demand system integrity check in the Fireware Web UI will correctly show a failed system integrity check message in the event of a failure.This issue affects Fireware OS: from 12.8.1 through 12.11.4, from 2025.1 through 2025.1.2.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
WatchguardFireware>= 2025.1, < 2025.1.3
WatchguardFirebox T115-W-
WatchguardFirebox T125-
WatchguardFirebox T125-W-
WatchguardFirebox T145-
WatchguardFirebox T145-W-
WatchguardFirebox T185-
WatchguardFirebox M270-
WatchguardFirebox M290-
WatchguardFirebox M370-
WatchguardFirebox M390-
WatchguardFirebox M440-
WatchguardFirebox M4600-
WatchguardFirebox M470-
WatchguardFirebox M4800-
WatchguardFirebox M5600-
WatchguardFirebox M570-
WatchguardFirebox M5800-
WatchguardFirebox M590-
WatchguardFirebox M670-

Related Weaknesses (CWE)

CWE-440

References

FAQ

What is CVE-2025-13940?

CVE-2025-13940 is a vulnerability with a CVSS score of 5.5 (MEDIUM). An Expected Behavior Violation [CWE-440] vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity check and prevent the Firebox from shutting ...

How severe is CVE-2025-13940?

CVE-2025-13940 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-13940?

Check the references section above for vendor advisories and patch information. Affected products include: Watchguard Fireware, Watchguard Firebox T115-W, Watchguard Firebox T125, Watchguard Firebox T125-W, Watchguard Firebox T145.