- WatchGuard Fixes Critical RCE Vulnerability (CVE-2025-14733) in Firebox Firewalls Actively Exploited in the Wild
- CISA added it to KEV; federal agencies must patch or end use by Dec. 26
- Workarounds include disabling dynamic peer BOVPNs and tightening firewall policies until fixes are applied
WatchGuard has patched a critical severity zero-day vulnerability in its Firebox firewalls and encouraged all users to apply the patch immediately.
In a new security advisory, the company said firewalls running Fireware OS 11.x and later, 12.x and later, and 2025.1 through (and including) 2025.1.3 contained an out-of-bounds write vulnerability that allowed unauthorized attackers to remotely execute arbitrary code (RCE). This vulnerability affects both Mobile User VPN with IKEv2 and Branch Office VPN that uses IKEv2 when configured with a dynamic gateway peer.
The bug is now tracked as CVE-2025-14733 and was given a severity score of 9.3/10 (Critical). WatchGuard said it has seen threat actors “actively attempting to exploit” the vulnerability in the wild, but did not discuss which groups used it or against whom.
CISA adds the error to KEV
Those who cannot apply the fix immediately can work around the issue by disabling dynamic peer BOVPNs, adding new firewall policies, and disabling the default system policies that handle VPN traffic.
At the same time, the US Cybersecurity and Infrastructure Security Agency (CISA) added the RCE flaw to its catalog of known exploited vulnerabilities (KEV), giving all Federal Civilian Executive Branch (FCEB) agencies only one week to patch or completely stop using vulnerable Firebox firewalls.
The post was added on December 19th, with a due date of December 26th.
A few months ago, WatchGuard fixed a similar RCE bug in its Firebox firewalls, Bleeping Computer reported. As of October 2025, internet watchdog Shadowserver said there were more than 75,000 exposed cases, with the majority located in North America and Europe. This vulnerability was also added to CISA’s KEV a few weeks later.
WatchGuard Technologies is a global cybersecurity company serving more than 250,000 customers worldwide across small and medium-sized businesses, MSPs and other organizations.
Via Bleeping Computer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
