CRITICAL🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2025-9242

CVSS 9.3v4.0pub. 2025-09-17upd. 2025-11-14

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Watchguard Fireboxcloud

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M270

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M290

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M370

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M390

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M440

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M4600

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M470

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M4800

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M5600

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M570

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M5800

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M590

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M670

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox M690

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox Nv5

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T115 W

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T125

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T125 W

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T145

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T145 W

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T15

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T185

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T20

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T25

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T35

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T40

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T45

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T55

    HW
    Watchguard
    wszystkie wersje
  • Watchguard Firebox T70

    HW
    Watchguard
    wszystkie wersje

CISA KEV — detailsi

Vendori
WatchGuard
Producti
Firebox
Added to KEVi
November 12, 2025
Remediation deadline (US Federal)i
December 3, 2025(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

WatchGuard Firebox contains an out-of-bounds write vulnerability in the OS iked process that may allow a remote unauthenticated attacker to execute arbitrary code.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 3 grudnia 2025
Tags
RCEAuth BypassMemoryVPN
CWE
References

Related vulnerabilities

CVE-2025-14733CRITICAL9.3⚠ KEVPL ✓ten sam produkt

RCE bez uwierzytelnienia w WatchGuard Fireware OS – podatność IKEv2 VPN

CVE-2022-26318CRITICAL9.8⚠ KEVten sam produkt

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. T...

CVE-2022-31789CRITICAL9.8ten sam produkt

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trig...

CVE-2022-25361CRITICAL9.1ten sam produkt

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from ...

CVE-2022-23176HIGH8.8⚠ KEVten sam produkt

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the syst...