- WatchGuard fixes critical RCE flaw (CVE‑2025‑14733) in Firebox firewalls, which is actively exploited in the wild
- CISA added it to KEV; Federal agencies must patch or suspend its use by December 26.
- Workarounds include disabling dynamic peer BOVPN and enforcing firewall policies until fixes are applied.
WatchGuard patched a critical severity zero-day vulnerability in its Firebox firewalls and urged all users to apply the fix immediately.
In a new security advisory, the company said that firewalls running Fireware OS 11.x and later, 12.x and later, and 2025.1 up to and including 2025.1.3, contained an out-of-bounds write vulnerability that allowed unauthenticated attackers to remotely execute arbitrary code (RCE). This vulnerability affects both the mobile user VPN using IKEv2 and the branch VPN using IKEv2 when configured with a dynamic gateway pair.
The flaw is now tracked as CVE-2025-14733 and has been assigned a severity score of 9.3/10 (critical). WatchGuard said it has seen threat actors “actively trying to exploit” the vulnerability in the wild, but did not discuss which groups were using it or against whom.
CISA adds the error to KEV
Those who cannot apply the fix immediately can fix the problem by disabling dynamic peer-to-peer BOVPNs, adding new firewall policies, and disabling default system policies that handle VPN traffic.
At the same time, the US Cybersecurity and Infrastructure Security Agency (CISA) added the RCE flaw to its catalog of Known Exploited Vulnerabilities (KEV), giving all Federal Civil Executive Branch (FCEB) agencies just one week to patch or stop using vulnerable Firebox firewalls entirely.
Entry was added on December 19, with the deadline being December 26.
A few months ago, WatchGuard fixed a similar RCE bug on its Firebox firewalls. beepcomputer reported. As of October 2025, internet watchdog Shadowserver said there were more than 75,000 exposed cases, most located in North America and Europe. This vulnerability was also added to CISA’s KEV a few weeks later.
WatchGuard Technologies is a global cybersecurity company serving more than 250,000 customers worldwide across small and medium-sized businesses, MSPs, and other organizations.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
