WatchGuard has released security updates to fix a critical vulnerability in Fireware OS that has been exploited in real-world attacks. This flaw involves an out-of-bounds write that could allow remote code execution, impacting multiple versions of Fireware OS and VPN configurations. #CVE-2025-14733 #FirewareVulnerability
Keypoints
- WatchGuard issued patches for a critical out-of-bounds write vulnerability in Fireware OS.
- The CVE-2025-14733 flaw affects VPN setups using IKEv2, with active exploitation observed in the wild.
- Threat actors are linked to IP address 199.247.7[.]82, associated with other vulnerabilities exploitation.
- Indicators of compromise include specific log messages, such as long certificate chains and large CERT payloads.
- Users are advised to update their Fireware OS and disable dynamic BOVPNs as a temporary safeguard.
Read More: https://thehackernews.com/2025/12/watchguard-warns-of-active-exploitation.html