A critical Out-of-Bounds Write vulnerability (CVE-2025-9242) affects WatchGuard Fireware OS, allowing remote attackers to execute arbitrary code. Active exploitation and available proof-of-concept increase the urgency to apply patches and rotate secrets. #CVE20259242 #WatchGuardFireware
Keypoints
- The vulnerability impacts the iked process in WatchGuard Fireware OS, which manages IKEv2 VPN connections.
- Both mobile user VPNs and branch office VPNs with dynamic gateways are affected by this flaw.
- WatchGuard has released patches to fix the vulnerability and recommends installing updates immediately.
- Active exploitation of the vulnerability has been observed, emphasizing the need for prompt mitigation.
- Organizations must also rotate all locally stored secrets, including passwords, shared keys, and certificates, on affected devices.
Read More: https://fortiguard.fortinet.com/threat-signal-report/6247