WatchGuard has issued fixes for a critical vulnerability in its Fireware OS, identified as CVE-2025-14733, which has been found to be actively exploited in the wild. This vulnerability, rated with a CVSS score of 9.3, is an out-of-bounds write flaw related to the iked process, allowing remote, unauthenticated attackers to execute arbitrary code.
The vulnerability specifically impacts configurations involving mobile user VPNs with IKEv2 and branch office VPNs also using IKEv2 when set up with a dynamic gateway peer. WatchGuard noted that even if these configurations are deleted, the Firebox might remain vulnerable if a branch office VPN to a static gateway peer is still configured.
The affected versions of Fireware OS include:
- 2025.1 – Fixed in 2025.1.4
- 12.x – Fixed in 12.11.6
- 12.5.x (T15 & T35 models) – Fixed in 12.5.15
- 12.3.1 (FIPS-certified release) – Fixed in 12.3.1_Update4
- 11.x (11.10.2 through 11.12.4_Update1) – End-of-Life
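As an added example (not WatchGuard's code), the following helper turns the fixed-version table above into a fleet triage check: it parses Fireware version strings such as `12.3.1_Update4`, matches each firebox to its release branch, and reports whether it still needs patching. It assumes the advisory's "12.x" row covers every 12 release not listed separately and treats any 11.x release as end-of-life; hostnames and the inventory are constructed.

```python
import re
from typing import List, Optional, Tuple

# Fixed versions per the advisory summary above. Assumption: the more specific
# 12.5.x and 12.3.1 rows take precedence over the generic "12.x" row.
FIXED = [
    ("2025.1", "2025.1.4"),
    ("12.5", "12.5.15"),
    ("12.3.1", "12.3.1_Update4"),
    ("12", "12.11.6"),
]
EOL_MAJOR = 11  # 11.x has no fix; assumption: treat every 11.x as end-of-life

def parse_version(v: str) -> Tuple[Tuple[int, ...], int]:
    """Split '12.3.1_Update4' into ((12, 3, 1), 4); a missing suffix is Update 0."""
    m = re.fullmatch(r"(\d+(?:\.\d+)*)(?:_update(\d+))?", v.strip(), re.IGNORECASE)
    if not m:
        raise ValueError(f"unrecognised Fireware version: {v!r}")
    nums = tuple(int(x) for x in m.group(1).split("."))
    return nums, int(m.group(2) or 0)

def assess(version: str) -> Tuple[str, Optional[str]]:
    """Return (status, fixed_in); status is 'patched', 'vulnerable',
    'end-of-life' or 'unknown' (branch not covered by the advisory)."""
    nums, upd = parse_version(version)
    if nums[0] == EOL_MAJOR:
        return "end-of-life", None
    for prefix, fixed in FIXED:
        branch = parse_version(prefix)[0]
        if nums[:len(branch)] == branch:
            # Tuple comparison handles shorter strings ('12.11' < '12.11.6')
            # and the Update suffix ('12.3.1_Update2' < '12.3.1_Update4').
            patched = (nums, upd) >= parse_version(fixed)
            return ("patched" if patched else "vulnerable"), fixed
    return "unknown", None

def triage(inventory: List[Tuple[str, str]]) -> List[Tuple[str, str, str, Optional[str]]]:
    """Return (host, version, status, fixed_in) for hosts still needing action."""
    out = []
    for host, version in inventory:
        status, fixed = assess(version)
        if status in ("vulnerable", "end-of-life"):
            out.append((host, version, status, fixed))
    return out

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [("fw-hq", "12.11.6"), ("fw-branch1", "12.11.3"),
          ("fw-legacy", "11.12.4_Update1"), ("fw-t35", "12.5.15")]
```

A "patched" result closes the code-execution bug only; the IoC review the advisory describes (iked log messages and process behaviour) is still needed for any device that ran a vulnerable build while exposed.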
WatchGuard has reported that certain threat actors are targeting this vulnerability, with attacks traced back to specific IP addresses. Interestingly, one traced IP address had previously been connected to exploitation attempts linked to other security vulnerabilities in Fortinet’s products.
As part of the advisory, WatchGuard provided indicators of compromise (IoCs) to help users assess whether their systems have been compromised. These include specific log messages and abnormal behaviors in the iked process during an exploit attempt.
Just over a month prior, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) had added another critical flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog, underscoring the urgency of securing these systems.
To safeguard against potential threats, WatchGuard urged users to promptly apply available updates and implement temporary mitigations for devices with vulnerable configurations. This includes disabling dynamic peer BOVPNs and creating firewall policies that allow access from known static IP addresses.