Out-of-Bounds Write Vulnerability in WatchGuard Fireware OS
CVE-2025-14733
Key Information:
- Vendor
Watchguard
- Status
- Vendor
- CVE Published:
- 19 December 2025
Badges
What is CVE-2025-14733?
CVE-2025-14733 is a critical out-of-bounds write vulnerability found in WatchGuard Fireware OS, a platform widely utilized for network security, including firewalls and virtual private networks (VPNs). This vulnerability specifically impacts the Mobile User VPN and Branch Office VPN features that use IKEv2 protocol, particularly when configured with dynamic gateway peers. When exploited, it allows a remote unauthenticated attacker to execute arbitrary code on the affected devices, potentially granting full control over the system. Such unauthorized control could lead to significant operational disruptions and breaches of sensitive corporate data, making it a serious concern for organizations relying on WatchGuard solutions for security.
Potential impact of CVE-2025-14733
-
Remote Code Execution: The vulnerability allows attackers to execute arbitrary code remotely, which can lead to complete system takeover. This could compromise critical infrastructure and lead to unauthorized access to sensitive organizational data.
-
Service Disruption: Successful exploitation can cause denial of service by disrupting the functionality of security devices, such as firewalls or VPN services. This disruption can prevent legitimate users from accessing necessary systems, adversely affecting business operations.
-
Data Breaches: Given that the vulnerability facilitates control over security appliances, attackers could leverage this to access confidential data. This poses substantial risks for data integrity and could lead to significant financial and reputational damage for organizations.
CISA has reported CVE-2025-14733
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-14733 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace as recent news articles suggest the vulnerability is being used by ransomware groups.
The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
Fireware OS 11.10.2 <= 11.12.4+541730
Fireware OS 12.0 <= 12.11.5
Fireware OS 12.5 <= 12.5.14
News Articles
systemtek.co.ukCVE-2025-14733WatchGuard Firebox Iked Out Of Bounds Write Vulnerability (CVE-2025-14733)
- An Out-of-bounds Write vulnerability in the WatchGuard Fireware OS iked process may allow a remote unauthenticated attacker to execute arbitrary code.
2 weeks ago
CVE-2025-14733 Vulnerability: WatchGuard Addresses a Critical RCE Affecting Firebox Firewalls, Actively Exploited for Real-World Attacks | SOC Prime
Explore the details for CVE-2025-14733, a critical Fireware OS vulnerability exploited in the wild, with a deep analysis on the SOC Prime blog.
2 weeks ago
Threat Actors Exploit Zero-Day in WatchGuard Firebox Devices
With attacks on the critical firewall vulnerability, WatchGuard joins a list of edge device vendors whose products have been targeted in recent weeks.
3 weeks ago
References
EPSS Score
36% chance of being exploited in the next 30 days.
CVSS V4
Timeline
- ๐ฐ
Used in Ransomware
- ๐พ
Exploit known to exist
- ๐ฆ
CISA Reported
- ๐ฐ
First article discovered by csoonline.com
Vulnerability published
Vulnerability Reserved