Cybercriminals are actively exploiting a critical zero-day vulnerability in WatchGuard Firebox firewalls, prompting CISA to add it to its priority threat list. The flaw, CVE-2025-14733, allows remote code execution on affected devices through VPN configurations.
WatchGuard discovered the vulnerability internally on December 15 and released a patch three days later. The company warns this is part of a broader campaign targeting edge networking devices from multiple vendors, following similar attacks on Fortinet and SonicWall systems this month.
Nearly 125,000 vulnerable devices remain exposed globally, with over 35,000 in the US. WatchGuard urges immediate patching.
Source: Dark Reading