WatchGuard’s Product Security Incident Response Team (PSIRT) has launched their public PSIRT page to provide a consolidated resource where network administrators can find advisories and information about security vulnerabilities in WatchGuard products, as well as WatchGuard’s investigations into industry-wide security issues that may impact WatchGuard products or services.
The published advisories are grouped into three main categories:
- The first is flaws that can be found in the Firebox and other WatchGuard products that warrant immediate action. WatchGuard will share details about the vulnerability (without providing information that might be useful to attackers), including its severity and mitigating factors to help administrators quickly understand their potential impact. These advisories will include specific steps, either through software upgrades or configuration changes that administrators can take to mitigate the vulnerability.
- Secondly, WatchGuard lists out major, industry-wide vulnerabilities (for example, Log4Shell) whose effects on WatchGuard products may be in question by customers or partners. This category of advisory provides MSPs and customers with that information without needing to request information.
- Lastly, the page will include advisories for most WatchGuard product vulnerabilities found by outside researchers. WatchGuard appreciates the hard work of external researchers that work through the responsible disclosure process. WatchGuard strives to give credit wherever possible while guiding customers with the most complete picture possible of the vulnerability and its impact.
Link to the PSIRT page:
https://www.watchguard.com/wgrd-psirt/advisories