Hackers Actively Exploiting Critical WatchGuard Firewall Zero-Day

Cybercriminals exploit a zero-day in WatchGuard Firebox firewalls, prompting urgent patching to prevent remote code execution.

By Content Team

Dec 23, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Cybercriminals are actively exploiting a critical zero-day vulnerability in WatchGuard Firebox firewalls, prompting CISA to add it to its priority threat list. The flaw, CVE-2025-14733, allows remote code execution on affected devices through VPN configurations.

WatchGuard discovered the vulnerability internally on December 15 and released a patch three days later. The company warns this is part of a broader campaign targeting edge networking devices from multiple vendors, following similar attacks on Fortinet and SonicWall systems this month.

Nearly 125,000 vulnerable devices remain exposed globally, with over 35,000 in the US. WatchGuard urges immediate patching.

Source: Dark Reading

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Critical BeyondTrust Flaw Gives Attackers Full Domain Control

Feb 16, 2026

State-Sponsored Hackers Increasingly Target Defense Workers Through Personal Attacks

Feb 11, 2026

Cisco Patches Critical Zero-Day Flaw Already Being Exploited in the Wild

Jan 24, 2026

What to Do When You Get a Data Breach Notice

Mar 4, 2026