Critical-Rated WatchGuard Firebox Flaw Under Active Attack

Critical-rated WatchGuard Firebox flaw under active attack

: Newly disclosed vulnerability already being abused, users urged to lock down exposed firewalls

New critical WatchGuard Firebox firewall flaw exploited in attacks

WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its Firebox firewalls.

WatchGuard sounds alarm as critical Firebox flaw comes under active attack

Newly disclosed vulnerability already being abused, users urged to lock down exposed firewalls WatchGuard is in emergency patch mode after confirming that a critical remote code execution flaw in its Firebox firewalls is under active attack.… This article has been indexed from The Register – Security Read the original article: WatchGuard sounds alarm as critical Firebox flaw comes under active attack The post WatchGuard sounds alarm as critica…

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Adds One Known Exploited Vulnerability to Catalog ggaylor Dec 19, 2025 Release DateDecember 19, 2025 DescriptionCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.CVE-2025-14733 WatchGuard Firebox Out-of-Bounds Write Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enter…

WatchGuard fixes ‘critical’ zero-day allowing firewall takeover

WatchGuard has issued an urgent patch alert for its Firebox firewall appliances after discovering a critical-rated vulnerability that is under exploit by threat actors. Tracked as CVE-2025-14733, with a CVSS score of 9.3, the flaw is an Out-of-bounds Write vulnerability affecting the iked process, a WatchGuard Fireware OS component responsible for the IKEv2 key exchange in IPSec VPNs. According to the WatchGuard advisory, this weakness could “al…

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard has released fixes to address a critical security flaw in Fireware OS that it said has been exploited in real-world attacks. Tracked as CVE-2025-14733 (CVSS score: 9.3), the vulnerability has been described as a case of out-of-bounds write affecting the iked process that could allow a remote unauthenticated attacker to execute arbitrary code. "This vulnerability affects both the