Vulnerability Description
An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in the context of the portald user.This issue affects Fireware OS: 12.1 through 12.11.8 and 2025.1 through 2026.1.2. Note, this vulnerability does not affect Firebox platforms that do not support the Access Portal feature, including the T-15 and T-35.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2026-4266?
CVE-2026-4266 is a documented vulnerability. An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in...
How severe is CVE-2026-4266?
CVSS scoring is not yet available for CVE-2026-4266. Check NVD for updates.
Is there a patch for CVE-2026-4266?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.