Critical Vulnerability Information

Vulnerability Name: WatchGuard Firebox Stored Cross-Site Scripting (XSS) Vulnerability in SIP Proxy Configuration
Advisory ID: WSGA-2025-00012
CVE Number: CVE-2025-6947
Impact Level: Medium
Status: Resolved
Product Family: Firebox
Release Date: 2025-07-10
Update Date: 2025-07-10
Temporary Mitigation Available: False
CVSS Score: 4.8
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Summary:
A stored cross-site scripting (XSS) vulnerability exists in the management interface of WatchGuard Firebox devices, specifically in the SIP proxy configuration. A remote attacker with administrative privileges can exploit this vulnerability to execute arbitrary JavaScript code in the management interface of another administrator's Firebox device.

Affected Versions: Fireware OS 12.0 through 12.11.2 (inclusive)
Fixed Version: Fireware OS 12.11.3

Affected Product List:
- Firebox Fireware OS 12.5.x: T15, T35
- Firebox Fireware OS 12.x: T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV
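
Added example (not part of the advisory and not WatchGuard code): a small triage script that checks a device inventory against the affected range and fixed version stated above. The inventory entries, the version-string formats and the status labels are constructed assumptions; T15/T35 are flagged separately because the advisory lists them under 12.5.x while naming only 12.11.3 as the fixed version.

```python
import re

# Range and model names come from the advisory text; everything else is constructed.
AFFECTED_MIN = (12, 0, 0)            # "Fireware OS 12.0"
FIXED = (12, 11, 3)                  # first fixed release; 12.11.2 is still affected
BRANCH_12_5_MODELS = {"T15", "T35"}  # listed under "Fireware OS 12.5.x"


def parse_version(text):
    """Return the first three numeric components of a version string as a tuple."""
    m = re.match(r"\s*v?(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    parts = [int(p) for p in m.group(1).split(".")][:3]
    return tuple(parts + [0] * (3 - len(parts)))  # "12.0" -> (12, 0, 0)


def classify(model, version_text):
    """Map one device to a triage status (hypothetical labels)."""
    try:
        v = parse_version(version_text)
    except ValueError:
        return "unknown"                      # unreadable version: check by hand
    if v >= FIXED:
        return "fixed"
    if v < AFFECTED_MIN:
        return "outside_listed_range"         # older than the advisory covers
    if model.upper() in BRANCH_12_5_MODELS:
        return "affected_check_12_5_branch"   # advisory names no 12.5.x fix
    return "affected"


def triage(inventory):
    """Return {device name: status} for a list of inventory records."""
    return {d["name"]: classify(d["model"], d["version"]) for d in inventory}


# Constructed sample inventory.
SAMPLE_INVENTORY = [
    {"name": "hq-edge", "model": "M470", "version": "12.11.2"},
    {"name": "branch-01", "model": "T35", "version": "12.5.9 Update 2"},
    {"name": "dc-core", "model": "M5800", "version": "v12.11.3"},
    {"name": "lab-vm", "model": "FireboxV", "version": "12.10.4.B700000"},
    {"name": "spare", "model": "T40", "version": "n/a"},
]

if __name__ == "__main__":
    for name, status in triage(SAMPLE_INVENTORY).items():
        print(f"{name:10} {status}")
```
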