WatchGuard Patches Critical Firebox Zero-Day After Wild Exploitation

WatchGuard patches critical zero-day in Firebox firewalls, CVE-2025-14733, a flaw allowing remote code execution via iked process.

By Content Team

Dec 22, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

WatchGuard has patched a critical zero-day vulnerability (CVE-2025-14733) in its Firebox firewalls after detecting active exploitation in the wild. The flaw, scoring 9.3 on the CVSS scale, allows remote attackers to execute code without authentication through an out-of-bounds write issue in the iked process.

The Shadowserver Foundation identified roughly 125,000 vulnerable IP addresses worldwide, including nearly 40,000 in the United States. The vulnerability affects VPN configurations using IKEv2, particularly mobile user VPN and branch office VPN setups with dynamic gateway peers.

Patches are available for supported Fireware OS versions, but version 11.x won't receive fixes due to end-of-life status. CISA added the vulnerability to its Known Exploited Vulnerabilities catalog, giving federal agencies one week to remediate.

Source: Security Week

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Russian Hackers Exploit Microsoft Office Bug Just 3 Days After Patch

Feb 4, 2026

European Commission Hit by Major Data Breach Through Supply Chain Attack

Apr 5, 2026

FortiGate Firewalls Under Automated Attack Since January 15

Jan 26, 2026

Iran-Linked Hackers Disrupt Medical Giant Stryker's Global Operations

Mar 13, 2026