A critical security flaw affecting WatchGuard Fireware OS has been added to the KEV catalog, with evidence of active exploitation. Over 54,300 devices remain vulnerable, prompting urgent patch recommendations, especially for U.S. government agencies. #CVE-2025-9242 #WatchGuardFireware
Keypoints
- A critical vulnerability, CVE-2025-9242, impacts multiple versions of WatchGuard Fireware OS.
- The flaw allows remote attackers to execute arbitrary code through an out-of-bounds write in the iked process.
- More than 54,300 Firebox devices are vulnerable worldwide, with significant numbers in the U.S. and Europe.
- WatchGuard recommends patching vulnerable devices by December 3, 2025, to mitigate risk.
- Other vulnerabilities, including CVE-2025-62215 and CVE-2025-12480, have also been added to CISA's KEV catalog.
Read More: https://thehackernews.com/2025/11/cisa-flags-critical-watchguard-fireware.html