Nearly 76,000 WatchGuard Firebox security appliances worldwide are vulnerable to a critical flaw (CVE-2025-9242) that allows remote code execution. Immediate security updates are essential to prevent potential attacks on these devices, especially in Europe and North America. #WatchGuard #CVE20259242
Keypoints
- Over 75,000 Firebox appliances are exposed on the internet and vulnerable to a critical security flaw.
- The flaw CVE-2025-9242 involves an out-of-bounds write in the ‘iked’ process of Fireware OS.
- Attackers can exploit the vulnerability by sending crafted IKEv2 packets without needing authentication.
- Devices running unsupported versions, such as 11.x, are at higher risk as they will not receive security updates.
- The vendor recommends upgrading to version 2025.1.1 or later and applying the patch promptly to mitigate the threat.