1. Forum
  2. tqwNet
  3. TQW GENTECH

  • WatchGuard Firebox OS forced to patch worrying security flaw, so

    From TechnologyDaily@1337:1/100 to All on Mon Dec 22 15:30:08 2025
    WatchGuard Firebox OS forced to patch worrying security flaw, so update now

    Date:
    Mon, 22 Dec 2025 15:20:00 +0000

    Description:
    The firewall maker found a critical RCE that is being abused in the wild.

    FULL STORY ======================================================================WatchGua rd patches critical RCE flaw (CVE202514733) in Firebox firewalls, being actively exploited in the wild CISA added it to KEV; federal agencies must patch or stop use by December 26 Workarounds include disabling dynamic peer BOVPNs and tightening firewall policies until fixes are applied

    WatchGuard has patched a critical-severity zero-day vulnerability in its Firebox firewalls, and urged all users to apply the fix immediately.

    In a new security advisory, the company said firewalls running Fireware OS 11.x and later, 12.x and later, and 2025.1 up to (and including) 2025.1.3, contained an out-of-bounds write vulnerability that allowed unauthenticated attackers to execute arbitrary code, remotely (RCE). This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.

    The flaw is now tracked as CVE-2025-14733, and was given a severity score of 9.3/10 (critical). WatchGuard said it has seen threat actors actively attempting to exploit the vulnerability in the wild, but did not discuss
    which groups were using it, or against whom. CISA adds the bug to KEV

    Those that cannot apply the fix immediately can work around the issue by disabling dynamic peer BOVPNs, adding new firewall policies, and disabling
    the default system policies that handle VPN traffic.

    At the same time, the US Cybersecurity and Infrastructure Security Agency (CISA) added the RCE flaw to its Known Exploited Vulnerabilities (KEV) catalog, giving all Federal Civilian Executive Branch (FCEB) agencies just a one-week deadline to patch up or stop using vulnerable Firebox firewalls entirely.

    The entry was added on December 19, with the due date being December 26.

    A few months ago, WatchGuard patched a similar RCE bug in its Firebox firewalls, BleepingComputer reported. In October 2025, internet watchdog Shadowserver said there were more than 75,000 exposed instances, with the majority being located in North America, and Europe. This vulnerability, too, was added to CISAs KEV a few weeks later.

    WatchGuard Technologies is a global cybersecurity company that serves more than 250,000 customers worldwide across small and midsize enterprises, MSPs, and other organizations.

    Via BleepingComputer

    Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the
    Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/watchguard-firebox-os-forced-to-patch-w orrying-security-flaw-so-update-now


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)