Out-of-Bounds Write Vulnerability in WatchGuard Fireware OS
CVE-2025-14733

9.3CRITICAL

Key Information:

Vendor: Watchguard
Status: Fireware Os
Vendor: CVE Published:; 19 December 2025

Badges

📰 News Worthy

What is CVE-2025-14733?

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS potentially allows remote attackers to execute arbitrary code. This vulnerability particularly impacts configurations using Mobile User VPN with IKEv2 and the Branch Office VPN connected via a dynamic gateway peer. Affected versions include Fireware OS 11.10.2 to 11.12.4_Update1, 12.0 to 12.11.5, and 2025.1 to 2025.1.3.

Affected Version(s)

Fireware OS 11.10.2 <= 11.12.4+541730

Fireware OS 12.0 <= 12.11.5

Fireware OS 12.5 <= 12.5.14

News Articles

The Hacker News

CVE-2025-14733

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard fixed CVE-2025-14733, a critical Fireware OS VPN flaw with CVSS 9.3 that is actively exploited in the wild.

8 hours ago

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-...

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by The Hacker News
Dec 19, 2025
Vulnerability published
Dec 19, 2025
Vulnerability Reserved
Dec 15, 2025

JSON

Watchguard

Badges

What is CVE-2025-14733?

Affected Version(s)

News Articles

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

References

CVSS V4

Timeline