{"id":46095,"date":"2022-04-07T15:28:13","date_gmt":"2022-04-07T15:28:13","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/33300\/WatchGuard-Failed-To-Explicitly-Disclose-Critical-Flaw-Exploited-By-Russian-Hackers.html"},"modified":"2022-04-07T15:28:13","modified_gmt":"2022-04-07T15:28:13","slug":"watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/","title":{"rendered":"WatchGuard Failed To Explicitly Disclose Critical Flaw Exploited By Russian Hackers"},"content":{"rendered":"<figure class=\"intro-image intro-left\"> <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/04\/GettyImages-1299483011-800x451.jpg\" alt=\"WatchGuard failed to explicitly disclose critical flaw exploited by Russian hackers\"><figcaption class=\"caption\"><\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"> <a title=\"46 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2022\/04\/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">64<\/span> <span class=\"visually-hidden\"> with 46 posters participating<\/span> <\/a> <\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/p><\/div>\n<\/aside>\n<p> <!-- cache hit 306:single\/related:2c1cf9522a467ea3cdb0f653cc85f389 --><!-- empty --><\/p>\n<p>Security vendor WatchGuard quietly fixed a critical vulnerability in a line of its firewall devices and didn\u2019t explicitly disclose the flaw until Wednesday, following revelations hackers from Russia\u2019s military apparatus <a href=\"https:\/\/arstechnica.com\/information-technology\/2022\/04\/fbi-accesses-us-servers-to-dismantle-botnet-malware-installed-by-russian-spies\/\">exploited it en masse<\/a> to assemble a giant botnet.<\/p>\n<p>Law enforcement agencies in the US and UK on February 23 warned that members of Sandworm\u2014among the Russian government\u2019s most aggressive and elite hacker groups\u2014were <a href=\"https:\/\/arstechnica.com\/information-technology\/2022\/02\/russias-most-cut-throat-hackers-infect-network-devices-with-new-botnet-malware\/\">infecting WatchGuard firewalls with malware<\/a> that made the firewalls part of a vast botnet. On the same day, WatchGuard released a <a href=\"https:\/\/detection.watchguard.com\/Detector\">software tool<\/a> and <a href=\"https:\/\/detection.watchguard.com\/\">instructions<\/a> for identifying and locking down infected devices.<\/p>\n<p>Neither those pages nor a FAQ published that day made any reference to the vulnerability, though the instructions did say uses should ensure their appliances were running the latest version of the company&#8217;s Fireware OS. Instead, the company quietly updated the May 2021 release notes to add a reference to CVE-2022-23176. This was the first time the vulnerability was mentioned, but since WatchGuard didn&#8217;t explicitly call it out in the FAQ, users were left to revisit the release notes and click through to a second page learning of the critical vulnerability.<\/p>\n<h2>Putting customers at unnecessary risk<\/h2>\n<p>In court documents unsealed on Wednesday, an FBI agent wrote that the WatchGuard firewalls hacked by Sandworm were \u201cvulnerable to an exploit that allows unauthorized remote access to the management panels of those devices.\u201d It wasn&#8217;t until after the court document was public that WatchGuard <a href=\"https:\/\/techsearch.watchguard.com\/KB?type=Article&amp;SFDCID=kA16S000000SOCGSA4&amp;lang=en_US\">updated the FAQ<\/a> to mention CVE-2022-23176, a vulnerability with a severity rating of 8.8 out of a possible 10.<\/p>\n<p>\u201cWatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access,\u201d the description read. \u201cThis vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3.\u201d<\/p>\n<p>The WatchGuard FAQ said that CVE-2022-23176 had been \u201cfully addressed by security fixes that started rolling out in software updates in May 2021.\u201d The FAQ went on to say that investigations by WatchGuard and outside security firm Mandiant \u201cdid not find evidence the threat actor exploited a different vulnerability.\u201d<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<p>When WatchGuard released the May 2021 software updates, the company made only the most oblique of references to the vulnerability.<\/p>\n<p>\u201cThese releases also include fixes to resolve internally detected security issues,\u201d a <a href=\"https:\/\/www.watchguard.com\/wgrd-blog\/new-fireware-update-releases\">company post<\/a> stated. \u201cThese issues were found by our engineers and not actively found in the wild. For the sake of not guiding potential threat actors toward finding and exploiting these internally discovered issues, we are not sharing technical details about these flaws that they contained.\u201d<\/p>\n<p>According to Wednesday\u2019s FAQ, FBI agents informed WatchGuard in November that about 1 percent of the firewalls it had sold had been infected by Cyclops Blink, a new strain of malware developed by Sandworm to replace a botnet the <a href=\"https:\/\/arstechnica.com\/information-technology\/2018\/05\/fbi-seizes-server-russia-allegedly-used-to-infect-500000-consumer-routers\/\">FBI dismantled in 2018<\/a>. Three months after learning of the infections from the FBI, WatchGuard published the detection tool and the accompanying 4-Step Diagnosis and Remediation Plan for infected devices. It also buried reference to the CVE in the release notes.<\/p>\n<p>In the FAQ updated on Wednesday, WatchGuard said that Justice Department officials and court orders &#8220;directed WatchGuard to delay disclosure until official authorization was granted.&#8221; It&#8217;s not clear that the directive prevented WatchGuard from disclosing the CVE until Wednesday, but if it did, WatchGuard violated the order since it buried a reference to the vulnerability in the updated release notes.<\/p>\n<p>Security professionals, many of whom have spent weeks working to rid the Internet of vulnerable devices, blasted WatchGuard for the failure to explicitly disclose.<\/p>\n<p>\u201cAs it turns out, threat actors *DID* find and exploit the issues,\u201d Will Dormann, a vulnerability analyst at CERT, said in a private message. He was referring to the WatchGuard explanation from May that the company was withholding technical details to prevent the security issues from being exploited. \u201cAnd without a CVE issued, more of their customers were exposed than needed to be.\u201d<\/p>\n<p>He continued:<\/p>\n<blockquote>\n<p>WatchGuard should have assigned a CVE when they released an update that fixed the vulnerability. They also had a second chance to assign a CVE when they were contacted by the FBI in November. But they waited for nearly 3 full months after the FBI notification (about 8 months total) before assigning a CVE. This behavior is harmful, and it put their customers at unnecessary risk.<\/p>\n<\/blockquote>\n<p>WatchGuard representatives didn\u2019t respond to repeated requests for clarification or comment until 16 hours after this post went live on Ars. This post has been updated to correct the date the company first made reference to the CVE. It was quietly added to release notes on February 23. The company didn&#8217;t explicitly call it out until updating the FAQ on Wednesday.<\/p>\n<p>A WatchGuard spokesman didn&#8217;t explain why the company waited until this year to obtain a CVE for such a security flaw with this level of severity.<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/33300\/WatchGuard-Failed-To-Explicitly-Disclose-Critical-Flaw-Exploited-By-Russian-Hackers.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":46096,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[9948],"class_list":["post-46095","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerrussiaflawcyberwarpassword"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>WatchGuard Failed To Explicitly Disclose Critical Flaw Exploited By Russian Hackers 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"WatchGuard Failed To Explicitly Disclose Critical Flaw Exploited By Russian Hackers 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-04-07T15:28:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/04\/GettyImages-1299483011-800x451.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"WatchGuard Failed To Explicitly Disclose Critical Flaw Exploited By Russian Hackers\",\"datePublished\":\"2022-04-07T15:28:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\\\/\"},\"wordCount\":836,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers.jpg\",\"keywords\":[\"headline,hacker,russia,flaw,cyberwar,password\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\\\/\",\"name\":\"WatchGuard Failed To Explicitly Disclose Critical Flaw Exploited By Russian Hackers 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers.jpg\",\"datePublished\":\"2022-04-07T15:28:13+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers.jpg\",\"width\":800,\"height\":451},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,russia,flaw,cyberwar,password\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerrussiaflawcyberwarpassword\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"WatchGuard Failed To Explicitly Disclose Critical Flaw Exploited By Russian Hackers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"WatchGuard Failed To Explicitly Disclose Critical Flaw Exploited By Russian Hackers 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/","og_locale":"en_US","og_type":"article","og_title":"WatchGuard Failed To Explicitly Disclose Critical Flaw Exploited By Russian Hackers 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-04-07T15:28:13+00:00","og_image":[{"url":"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/04\/GettyImages-1299483011-800x451.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"WatchGuard Failed To Explicitly Disclose Critical Flaw Exploited By Russian Hackers","datePublished":"2022-04-07T15:28:13+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/"},"wordCount":836,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/04\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers.jpg","keywords":["headline,hacker,russia,flaw,cyberwar,password"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/","url":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/","name":"WatchGuard Failed To Explicitly Disclose Critical Flaw Exploited By Russian Hackers 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/04\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers.jpg","datePublished":"2022-04-07T15:28:13+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/04\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/04\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers.jpg","width":800,"height":451},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/watchguard-failed-to-explicitly-disclose-critical-flaw-exploited-by-russian-hackers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,russia,flaw,cyberwar,password","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerrussiaflawcyberwarpassword\/"},{"@type":"ListItem","position":3,"name":"WatchGuard Failed To Explicitly Disclose Critical Flaw Exploited By Russian Hackers"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46095","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=46095"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46095\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/46096"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=46095"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=46095"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=46095"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}