WatchGuard fixes actively exploited critical vulnerability in Fireware OS (CVE-2025-14733)
WatchGuard has issued a security alert and released patches to address a critical vulnerability in its Fireware operating system that the company has confirmed has been actively exploited in real-world attacks. The vulnerability, identified as CVE-2025-14733, affects IKEv2 VPN configurations and has a CVSS score of 9.3 (Critical), allowing remote code execution by unauthenticated attackers. Vulnerability Details (CVE-2025-14733) The security flaw is a case of out-of-bounds write that resides in the Fireware OS iked process. This vulnerability could be exploited by a remote attacker without requiring authentication, allowing them to execute arbitrary code on the system. ...