WatchGuard Fireware Remote Code Execution Vulnerability

Release Date: 22 Dec 2025 8686 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability has been identified in WatchGuard Fireware. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

 

Note:

CVE-2025-14733 is being exploited in the wild. An Out-of-bounds Write vulnerability in the WatchGuard Fireware OS iked process may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the mobile user VPN with IKEv2 and the branch office VPN using IKEv2 when configured with a dynamic gateway peer. Hence, the risk level is rated as Extremely High Risk.

 

Impact

  • Remote Code Execution

System / Technologies affected

  • Fireware OS 11.10.2 up to and including 11.12.4_Update1
  • Fireware OS 12.0 up to and including 12.11.5
  • Fireware OS 2025.1 up to and including 2025.1.3

    Solutions

    Before installation of the software, please visit the vendor web-site for more details.

     

    Apply fixes issued by the vendor:

    Vulnerability Identifier

    Source

    Related Link

    Related Tags

    WatchGuardRemote Code ExecutionExploit In The Wild

    Share with

    Previous

    Microsoft Edge Remote Code Execution Vulnerabilities

    19 Dec 2025 17874 Views

    Next

    Ubuntu Linux Kernel Multiple Vulnerabilities

    4 Dec 2025 13295 Views

    We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

    PRIVACY POLICY