WatchGuard Patches Firebox Zero-Day Exploited in the Wild

WatchGuard Patches Firebox Zero-Day Exploited in the Wild

Posted on By CWS

WatchGuard has launched patches for a critical-severity vulnerability within the Firebox firewalls, warning that it has been exploited within the wild.

Tracked as CVE-2025-14733 (CVSS rating of 9.3), the zero-day is described as an out-of-bounds write challenge affecting the Fireware OS’s iked course of.

Profitable exploitation of the flaw, WatchGuard says, may enable distant, unauthenticated attackers to execute arbitrary code on susceptible units.

The Shadowserver Basis has reported detecting roughly 125,000 IP addresses related to WatchGuard firewalls affected by CVE-2025-14733, together with almost 40,000 positioned in the US.

“This vulnerability impacts each the cell person VPN with IKEv2 and the department workplace VPN utilizing IKEv2 when configured with a dynamic gateway peer,” WatchGuard’s advisory reads.

In line with the seller, even Firebox situations that had the flawed configuration deleted might be susceptible in the event that they nonetheless have a department workplace VPN to a static gateway peer configured.

“WatchGuard has noticed risk actors actively trying to use this vulnerability within the wild,” the corporate warns.

WatchGuard has supplied indicators-of-attack (IoAs) to assist defenders determine potential exploitation makes an attempt in opposition to susceptible Firebox home equipment.

The exploited Firebox vulnerability impacts Fireware OS variations 11.x, 12.x, and 2025.x, and has been resolved in variations 2025.1.4, 12.11.6, 12.5.15, and 12.3.1_Update4 (B728352). No patch can be launched for Fireware OS 11.x, which has reached end-of-life (EoL).Commercial. Scroll to proceed studying.

On Friday, the US cybersecurity company CISA added CVE-2025-14733 to its Recognized Exploited Vulnerabilities (KEV) catalog, urging federal businesses to handle it inside per week.

Per Binding Operational Directive (BOD) 22-01, federal businesses have three weeks to resolve bugs newly added to KEV, however the severity of the exploited Firebox vulnerability calls for expedited remediation, CISA suggests.

WatchGuard’s Firebox firewalls are designed to guard a corporation’s atmosphere from exterior threats, controlling all inbound and outbound community visitors.

Associated: Important WatchGuard Firebox Vulnerability Exploited in Assaults

Associated: HPE Patches Important Flaw in IT Infrastructure Administration Software program

Associated: CISA Warns of Exploited Flaw in Asus Replace Device

Associated: Gigabyte Rolls Out BIOS Updates to Take away Backdoor From Motherboards

Security Week News Tags:, , , , ,

Related Posts

Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users Security Week News
Webinar Today: Redefining Vulnerability Management With Exposure Validation Webinar Today: Redefining Vulnerability Management With Exposure Validation Security Week News
Plex Urges Password Resets Following Data Breach Plex Urges Password Resets Following Data Breach Security Week News
DELMIA Factory Software Vulnerability Exploited in Attacks DELMIA Factory Software Vulnerability Exploited in Attacks Security Week News
Northwest Radiologists Data Breach Impacts 350,000 Washingtonians Northwest Radiologists Data Breach Impacts 350,000 Washingtonians Security Week News
Critical OpenPGP.js Vulnerability Allows Spoofing Critical OpenPGP.js Vulnerability Allows Spoofing Security Week News