vulnerability🌐InternationalBleepingComputer
New critical WatchGuard Firebox firewall flaw exploited in attacks
Friday, December 19, 2025
What
A critical remote code execution vulnerability in WatchGuard Firebox firewalls has been identified and is being actively exploited, allowing attackers to execute code remotely on vulnerable devices.
Where
The vulnerability affects WatchGuard Firebox firewalls globally, with a significant number of devices located in North America and Europe.
When
The vulnerability was reported on December 19, 2025, and has been actively exploited since its discovery.
Key Factors
- •The vulnerability is due to an out-of-bounds write weakness.
- •It primarily affects devices configured to use IKEv2 VPN, but can still be exploited under certain conditions even if configurations have been deleted.
- •WatchGuard has provided temporary workarounds for affected organizations that cannot immediately patch their devices.
Takeaways
- →Organizations should prioritize patching their Firebox firewalls to mitigate the risk of exploitation.
- →The incident highlights the ongoing threat landscape for firewall vulnerabilities and the importance of timely updates.
- →Admins should implement the recommended workarounds if immediate patching is not feasible.
Read Full Article
Opens original article on BleepingComputer
