Er is een kwetsbaarheid verholpen in WatchGuard Fireware OS. Er is een kwetsbaarheid verholpen in WatchGuard Fireware OS. De kwetsbaarheid CVE-2025-14733 betref…

A critical vulnerability (CVE-2025-14733) has been patched in WatchGuard Fireware OS affecting WatchGuard Firebox devices. The vulnerability involves an out-of-bounds write in the iked process and affects both Mobile User VPN (IKEv2) and Branch Office VPN (IKEv2) when configured with dynamic gateway peers. The flaw allows unauthenticated remote attackers to execute arbitrary code. Systems may remain vulnerable even after removing certain VPN configurations if a Branch Office VPN to a static gateway peer is still configured. WatchGuard has observed active exploitation attempts of this vulnerability.