CVE 9.3 CRITICAL

WatchGuard Firebox iked Out of Bounds Write Vulnerability_CVE-2025-14733

December 18, 2025 invoker category_cve

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red

Description

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.5 and 2025.1 up to and including 2025.1.3.

AI Analysis

Out-of-bounds Write vulnerability in WatchGuard Fireware OS allowing remote code execution

Basic Information

ID CVE-2025-14733

Source WatchGuard

Published Dec 19, 2025 at 00:01

Affected Product

Vendor WatchGuard

Product Fireware OS

Version 11.10.2, 12.0, 12.5, 2025.1

Affected Versions WatchGuard Fireware OS 11.10.2
WatchGuard Fireware OS 12.0
WatchGuard Fireware OS 12.5
WatchGuard Fireware OS 2025.1

CWE Classification

CWE-787

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor WatchGuard

Product Fireware OS

Version 11.10.2, 12.0, 12.5, 2025.1

References

www.watchguard.com /wgrd-psirt/advisory/wgsa-2025-00027

{
    "lastseen": "",
    "description": "An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.5 and 2025.1 up to and including 2025.1.3.",
    "published": "2025-12-19T00:01:55.722Z",
    "modified": "2025-12-19T00:01:55.722Z",
    "type": "cve",
    "title": "WatchGuard Firebox iked Out of Bounds Write Vulnerability",
    "source": "WatchGuard",
    "references": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00027",
    "id": "CVE-2025-14733",
    "bulletinFamily": "",
    "cwe": [
        "CWE-787"
    ],
    "cvelist": null,
    "sourceData": "WatchGuard Fireware OS 11.10.2\nWatchGuard Fireware OS 12.0\nWatchGuard Fireware OS 12.5\nWatchGuard Fireware OS 2025.1",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Fireware OS",
    "version": "11.10.2, 12.0, 12.5, 2025.1",
    "vendor": "WatchGuard",
    "ai_description": "Out-of-bounds Write vulnerability in WatchGuard Fireware OS allowing remote code execution",
    "ai_severity": "Critical",
    "ai_vendor": "WatchGuard",
    "ai_product": "Fireware OS",
    "ai_version": "11.10.2, 12.0, 12.5, 2025.1",
    "ai_score": 9.3
}

💭 Join the Security Discussion ❌ Cancel Reply