Critical RCE flaw impacts over 115,000 WatchGuard firewalls www.bleepingcomputer.com/news/secu…
Over 115,000 WatchGuard Firebox devices exposed online remain unpatched against a critical remote code execution (RCE) vulnerability actively exploited in attacks.
The security flaw, tracked as CVE-2025-14733, affects Firebox firewalls running Fireware OS 11.x and later (including 11.12.4_Update1), 12.x or later (including 12.11.5), and 2025.1 up to and including 2025.1.3.
Successful exploitation enables unauthenticated attackers to execute arbitrary code remotely on vulnerable devices, following low-complexity attacks that don’t require user interaction.
As WatchGuard explained in a Thursday advisory, when it released CVE-2025-14733 security updates and tagged it as exploited in the wild, unpatched Firebox firewalls are only vulnerable to attacks if configured for IKEv2 VPN. It also warned that even if vulnerable configurations are removed, the firewall may still be at risk if a Branch Office VPN (BOVPN) to a static gateway peer is still configured.
