Cybersecurity experts have revealed a critical vulnerability, CVE-2025-9242, in WatchGuard Fireware that could allow unauthenticated remote code execution. The flaw has been patched in several versions and highlights the importance of timely updates for VPN security systems. #CVE20259242 #WatchGuardFireware
Keypoints
- The vulnerability CVE-2025-9242 affects multiple versions of WatchGuard Fireware OS, including 11.10.2 to 11.12.4_Update1 and 12.0 to 12.11.3.
- It allows remote attackers to execute arbitrary code by exploiting an out-of-bounds write in the IKEv2 VPN process.
- The flaw stems from a missing length check during certificate validation, enabling buffer overflow and pre-authentication code execution.
- Attackers could weaponize the flaw to spawn a Python shell and escalate control to a full Linux shell, bypassing security mitigations.
- Security experts warn that such vulnerabilities are attractive to ransomware gangs due to their impact on internet-exposed services and unauthenticated exploitability.
Read More: https://thehackernews.com/2025/10/researchers-uncover-watchguard-vpn-bug.html