#ikev2-vpn

[ follow ]
#watchguard #fireware-os #cve-2025-14733 #remote-code-execution #watchguard-fireware #cve-2025-9242
Information security
fromThe Hacker News
1 day ago

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard fixed a critical out-of-bounds write vulnerability (CVE-2025-14733) in Fireware OS that enabled remote unauthenticated code execution and was actively exploited.
fromThe Hacker News
2 months ago

Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices

The vulnerability, tracked as CVE-2025-9242 (CVSS score: 9.3), is described as an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1. "An out-of-bounds write vulnerability in the WatchGuard Fireware OS iked process may allow a remote unauthenticated attacker to execute arbitrary code," WatchGuard said in an advisory released last month. "This vulnerability affects both the mobile user VPN with IKEv2 and the branch office VPN using IKEv2 when configured with a dynamic gateway peer."
Privacy technologies
[ Load more ]