WatchGuard has issued updates to fix a critical remote code execution vulnerability (CVE-2025-9242) affecting Firebox firewalls, which can be exploited through an out-of-bounds write in the Fireware OS. Although the flaw has not yet been exploited in the wild, administrators are urged to patch their devices to prevent potential attacks from threat actors targeting firewall vulnerabilities.
Key points
- WatchGuard released security updates for Firebox firewalls to address CVE-2025-9242.
- The vulnerability involves an out-of-bounds write in the Fireware OS iked process that permits remote code execution.
- Firewalls running vulnerable versions are affected if configured with IKEv2 VPN, especially with static gateway peers.
- Despite no current exploitation, administrators are advised to patch quickly due to high threat actor interest.
- Temporary workarounds are available for those unable to immediately update affected devices.