{"cve_id":"CVE-2025-14733","summary":"An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.5 and 2025.1 up to and including 2025.1.3.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"epss":0.34497,"ranking_epss":0.96974,"kev":true,"propose_action":"WatchGuard Fireware OS iked process contains an out of bounds write vulnerability in the OS iked process. This vulnerability may allow a remote unauthenticated attacker to execute arbitrary code and affects both the mobile user VPN with IKEv2 and the branch office VPN using IKEv2 when configured with a dynamic gateway peer.","ransomware_campaign":"Unknown","references":["https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00027","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-14733"],"published_time":"2025-12-19T01:16:05","cpes":["cpe:2.3:h:watchguard:firebox_m270:-","cpe:2.3:h:watchguard:firebox_m290:-","cpe:2.3:h:watchguard:firebox_m370:-","cpe:2.3:h:watchguard:firebox_m390:-","cpe:2.3:h:watchguard:firebox_m440:-","cpe:2.3:h:watchguard:firebox_m4600:-","cpe:2.3:h:watchguard:firebox_m470:-","cpe:2.3:h:watchguard:firebox_m4800:-","cpe:2.3:h:watchguard:firebox_m5600:-","cpe:2.3:h:watchguard:firebox_m570:-","cpe:2.3:h:watchguard:firebox_m5800:-","cpe:2.3:h:watchguard:firebox_m590:-","cpe:2.3:h:watchguard:firebox_m670:-","cpe:2.3:h:watchguard:firebox_m690:-","cpe:2.3:h:watchguard:firebox_nv5:-","cpe:2.3:h:watchguard:firebox_t115-w:-","cpe:2.3:h:watchguard:firebox_t125-w:-","cpe:2.3:h:watchguard:firebox_t125:-","cpe:2.3:h:watchguard:firebox_t145-w:-","cpe:2.3:h:watchguard:firebox_t145:-","cpe:2.3:h:watchguard:firebox_t15:-","cpe:2.3:h:watchguard:firebox_t185:-","cpe:2.3:h:watchguard:firebox_t20:-","cpe:2.3:h:watchguard:firebox_t25:-","cpe:2.3:h:watchguard:firebox_t35:-","cpe:2.3:h:watchguard:firebox_t40:-","cpe:2.3:h:watchguard:firebox_t45:-","cpe:2.3:h:watchguard:firebox_t55:-","cpe:2.3:h:watchguard:firebox_t70:-","cpe:2.3:h:watchguard:firebox_t80:-","cpe:2.3:h:watchguard:firebox_t85:-","cpe:2.3:h:watchguard:fireboxcloud:-","cpe:2.3:h:watchguard:fireboxv:-","cpe:2.3:o:watchguard:fireware:11.10.2","cpe:2.3:o:watchguard:fireware:11.10.3","cpe:2.3:o:watchguard:fireware:11.10.4","cpe:2.3:o:watchguard:fireware:11.10.5","cpe:2.3:o:watchguard:fireware:11.10.6","cpe:2.3:o:watchguard:fireware:11.10.7","cpe:2.3:o:watchguard:fireware:11.11","cpe:2.3:o:watchguard:fireware:11.11.1","cpe:2.3:o:watchguard:fireware:11.11.2","cpe:2.3:o:watchguard:fireware:11.11.4","cpe:2.3:o:watchguard:fireware:11.12","cpe:2.3:o:watchguard:fireware:11.12.1","cpe:2.3:o:watchguard:fireware:11.12.2","cpe:2.3:o:watchguard:fireware:11.12.4","cpe:2.3:o:watchguard:fireware:12.0.0","cpe:2.3:o:watchguard:fireware:12.0.1","cpe:2.3:o:watchguard:fireware:12.0.2","cpe:2.3:o:watchguard:fireware:12.1","cpe:2.3:o:watchguard:fireware:12.1.1","cpe:2.3:o:watchguard:fireware:12.1.3","cpe:2.3:o:watchguard:fireware:12.1.4","cpe:2.3:o:watchguard:fireware:12.10","cpe:2.3:o:watchguard:fireware:12.10.1","cpe:2.3:o:watchguard:fireware:12.10.2","cpe:2.3:o:watchguard:fireware:12.10.3","cpe:2.3:o:watchguard:fireware:12.10.4","cpe:2.3:o:watchguard:fireware:12.11","cpe:2.3:o:watchguard:fireware:12.11.1","cpe:2.3:o:watchguard:fireware:12.11.2","cpe:2.3:o:watchguard:fireware:12.11.3","cpe:2.3:o:watchguard:fireware:12.11.4","cpe:2.3:o:watchguard:fireware:12.11.5","cpe:2.3:o:watchguard:fireware:12.2.0","cpe:2.3:o:watchguard:fireware:12.2.1","cpe:2.3:o:watchguard:fireware:12.3","cpe:2.3:o:watchguard:fireware:12.3.1","cpe:2.3:o:watchguard:fireware:12.4","cpe:2.3:o:watchguard:fireware:12.4.1","cpe:2.3:o:watchguard:fireware:12.5","cpe:2.3:o:watchguard:fireware:12.5.1","cpe:2.3:o:watchguard:fireware:12.5.10","cpe:2.3:o:watchguard:fireware:12.5.11","cpe:2.3:o:watchguard:fireware:12.5.12","cpe:2.3:o:watchguard:fireware:12.5.13","cpe:2.3:o:watchguard:fireware:12.5.14","cpe:2.3:o:watchguard:fireware:12.5.15","cpe:2.3:o:watchguard:fireware:12.5.2","cpe:2.3:o:watchguard:fireware:12.5.3","cpe:2.3:o:watchguard:fireware:12.5.4","cpe:2.3:o:watchguard:fireware:12.5.5","cpe:2.3:o:watchguard:fireware:12.5.6","cpe:2.3:o:watchguard:fireware:12.5.7","cpe:2.3:o:watchguard:fireware:12.5.8","cpe:2.3:o:watchguard:fireware:12.5.9","cpe:2.3:o:watchguard:fireware:12.6.1","cpe:2.3:o:watchguard:fireware:12.6.3","cpe:2.3:o:watchguard:fireware:12.6.4","cpe:2.3:o:watchguard:fireware:12.7.0","cpe:2.3:o:watchguard:fireware:12.7.1","cpe:2.3:o:watchguard:fireware:12.7.2","cpe:2.3:o:watchguard:fireware:12.8.0","cpe:2.3:o:watchguard:fireware:12.8.1","cpe:2.3:o:watchguard:fireware:12.8.2","cpe:2.3:o:watchguard:fireware:12.8.3","cpe:2.3:o:watchguard:fireware:12.9","cpe:2.3:o:watchguard:fireware:12.9.2","cpe:2.3:o:watchguard:fireware:12.9.3","cpe:2.3:o:watchguard:fireware:12.9.4","cpe:2.3:o:watchguard:fireware:2025.1","cpe:2.3:o:watchguard:fireware:2025.1.1","cpe:2.3:o:watchguard:fireware:2025.1.2","cpe:2.3:o:watchguard:fireware:2025.1.3"]}