AI description
CVE-2025-9242 is an out-of-bounds write vulnerability found in WatchGuard Fireware OS. The vulnerability resides in the *iked* process. This flaw makes it possible for an unauthenticated, remote attacker to execute arbitrary code on affected systems. The vulnerability impacts both Mobile User VPN with IKEv2 and Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.
- Description
- An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1.
- Source
- 5d1c2695-1a31-4499-88ae-e847036fd7e3
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 9.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
- 5d1c2695-1a31-4499-88ae-e847036fd7e3
- CWE-787
- Hype score
- Not currently trending
🔴WatchGuard Firewall RCE: 71,000+ Devices at Risk 🔴 Over 71,000 internet-exposed WatchGuard firewalls running vulnerable IKEv2 code (CVE-2025-9242). Out-of-bounds write in packet processing allows unauthenticated RCE. Attackers gain full device control and pivot to interna
@the_c_protocol
21 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CyberNewsFlash「WatchGuard製ファイアウォール「Firebox」のikedにおける境界外書込みの脆弱性(CVE-2025-9242)について」を公開。実証コードの公開により今後本脆弱性を悪用した攻撃の増加が懸念されます。開発者が
@jpcert
21 Oct 2025
2249 Impressions
4 Retweets
6 Likes
2 Bookmarks
0 Replies
0 Quotes
統合版 JPCERT/CC | お知らせ:CyberNewsFlash「WatchGuard製ファイアウォール「Firebox」のikedにおける境界外書込みの脆弱性(CVE-2025-9242)について」 https://t.co/TXKyJRiGay #itsec_jp
@itsec_jp
21 Oct 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Over 75,000 WatchGuard security devices vulnerable to critical RCE (CVE-2025-9242) https://t.co/zowuCFqxXf #patchmanagement
@eyalestrin
21 Oct 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Over 75,000 WatchGuard Firebox devices vulnerable to critical RCE (CVE-2025-9242), enabling remote code execution without authentication. https://t.co/Pft42WgkHv
@not2cleverdotme
21 Oct 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
全世界で約7万5800台のWatchGuard Fireboxが、リモートから認証なしでコード実行され得る重大脆弱性にさらされている。特に米国で2万4500台、ドイツやイタリアなど欧州でも被害が広がる。 この脆弱性(CVE-2025-9242
@yousukezan
20 Oct 2025
2970 Impressions
7 Retweets
14 Likes
5 Bookmarks
0 Replies
0 Quotes
WatchGuard社のネットワークセキュリティアプライアンスFireboxが、重大(Critical)な遠隔コード実行脆弱性CVE-2025-9242に晒されている。IKEv2 VPNネゴシエーションにおける境界外書き込みで、CVSSスコアは9.3。Shadowserver F
@__kokumoto
20 Oct 2025
806 Impressions
2 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical WatchGuard Fireware flaw (CVE-2025-9242) enables unauthenticated remote code execution via an out-of-bounds write affecting multiple Fireware OS versions and VPN setups. #WatchGuard #VPNFlaw #USA https://t.co/Mqqmkza9q4
@TweetThreatNews
20 Oct 2025
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
csirt_it: La Settimana Cibernetica del 19 ottobre 2025 🔹 aggiornamenti per molteplici prodotti 🔹 WatchGuard: PoC pubblico per la CVE-2025-9242 🔹 Operational Summary - settembre 2025 ⚠️ #EPSS: verifica le CVE di maggior interesse 🔗 … https://t.co/vV2bu3W6YD
@Vulcanux_
20 Oct 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
La Settimana Cibernetica del 19 ottobre 2025 🔹 aggiornamenti per molteplici prodotti 🔹 WatchGuard: PoC pubblico per la CVE-2025-9242 🔹 Operational Summary - settembre 2025 ⚠️ #EPSS: verifica le CVE di maggior interesse 🔗 https://t.co/emkmhKESHy https://t.co/
@csirt_it
20 Oct 2025
259 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#ITSecurity https://t.co/Us2tfhgj1q Cybersecurity researchers have disclosed details of a recently patched critical security flaw in WatchGuard Fireware that could allow unauthenticated attackers to execute arbitrary code. The vulnerability, tracked as CVE-2025-9242 (CVSS
@seaarepea
19 Oct 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We are now sharing daily IP data on WatchGuard Fireware OS IKEv2 Out-of-Bounds Write CVE-2025-9242 vulnerable instances, with over 71 000 seen on 2025-10-18. Data shared in our Vulnerable ISAKMP reportings - https://t.co/CNt9ZzP0uD Top affected: US with 23.2K instances https://
@Shadowserver
19 Oct 2025
3182 Impressions
14 Retweets
23 Likes
2 Bookmarks
1 Reply
1 Quote
🇺🇸 WatchGuard discloses CVE-2025-9242: Fireware OS IKEv2 vulnerability permits unauthenticated remote RCE on Firebox appliances. Advisory WGSA-2025-00015 — CVSS v4.0 9.3. #Cybersecurity #Infosec https://t.co/HsKg8L2yhg
@OSINTMCP
19 Oct 2025
26 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL: Out-of-bounds write in WatchGuard Fireware OS VPN (CVE-2025-9242) lets unauthenticated attackers take control of devices. Patch now to protect your network! 🛡️ https://t.co/GmWK1vNSgs #OffSeq #Watc... https://t.co/nLa6V45PkT
@offseq
19 Oct 2025
103 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Critical vulnerability CVE-2025-9242 in WatchGuard Fireware OS allows unauthenticated remote code execution. Update immediately to patched versions. Link: https://t.co/7i4rDQhT18 #Security #Vulnerability #Tech #CVE #WatchGuard #Fireware #Remote #Code #Execution #Patch #Update
@dailytechonx
18 Oct 2025
93 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔍 𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐕𝐄 𝐛𝐫𝐞𝐚𝐤𝐝𝐨𝐰𝐧 𝐚𝐯𝐚𝐢𝐥𝐚𝐛𝐥𝐞 𝐧𝐨𝐰! CVE-2025-9242 allows unauthenticated remote code execution on WatchGuard VPNs. Learn how attackers exploit it and how to patch now. 🔗 Get the com
@PurpleOps_io
18 Oct 2025
98 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Researchers uncovered a severe bug in WatchGuard Fireware OS (CVE-2025-9242, CVSS 9.3) letting unauthenticated attackers execute code on exposed #VPN devices. Patch now or expose your perimeter. https://t.co/WBSzvTsWb4
@top10vpn
18 Oct 2025
160 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 🔴 Out-of-bounds write in WatchGuard Fireware OS iked process allows unauthenticated RCE via IKEv2 VPN (CVE-2025-9242, CVSS 9.3). The flaw affects Mobile User VPN and Branch Office VPN configs with dynamic gateways—even if you deleted those VPNs, the box stays vulnerable
@the_c_protocol
18 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 ثغرة حرجة في WatchGuard Firebox (CVE-2025-9242)، تمّ الكشف عنها واستغلالها فعليًا 🔹بتاريخ 17 أكتوبر 2025 أعلنت WatchGuard عن ثغرة CVE-2025-9242 في خدمة iked داخل Fireware OS (مكوّن IKEv2 VPN)
@abdul__alamri
18 Oct 2025
2774 Impressions
3 Retweets
32 Likes
13 Bookmarks
1 Reply
0 Quotes
🚨 آسیبپذیری بحرانی در WatchGuard Fireware با امتیاز 9.3 کشف شد! مهاجمان میتوانند بدون احراز هویت، کد دلخواه خود را روی فایروال اجرا کنند 😱 🔹 شناسه CVE-2025-9242 #Cybers
@vulnerbyte
18 Oct 2025
89 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨In September, CVE-2025-9242, affecting WatchGuard Firebox / Fireware OS was disclosed. Yesterday, a PoC was made public. https://t.co/U6iK4gpcr9
@Horizon3ai
17 Oct 2025
130 Impressions
1 Retweet
1 Like
1 Bookmark
1 Reply
0 Quotes
WatchGuard warnt: Firebox-Firewalls dringend mit aktuellem Firmware-Update sichern Bei einigen Firewalls des Herstellers WatchGuard besteht eine kritische Sicherheitslücke (CVE-2025-9242). Betroffen sind Modelle wie T15, T70 und M4800, insbesondere bei früheren oder aktuellen
@tec4net
17 Oct 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical WatchGuard VPN Flaw Enables Remote Code Execution A critical vulnerability (CVE-2025-9242) in WatchGuard Firebox appliances affects IKEv2 VPN, enabling remote attackers to execute arbitrary code without authentication. With a CVSS score of 9.3, it poses a severe threat
@Secwiserapp
17 Oct 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 WatchGuard VPN bug (CVE-2025-9242) allows attackers to run code on devices, posing a critical security risk. #cybersecurity #VPNbug #WatchGuard https://t.co/PA1ZIn0kUi
@not2cleverdotme
17 Oct 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical WatchGuard VPN bug (CVE-2025-9242, CVSS 9.3) found! Unauthenticated attackers could execute arbitrary code on devices. Patch your Fireware OS now! 🚨 https://t.co/GZLmjeRMpM #WatchGuard #VPNSecurity #Cybersecurity #CVE20259242
@0xT3chn0m4nc3r
17 Oct 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 كشف الباحثون عن ثغرة أمنية خطيرة في نظام WatchGuard Fireware قد تسمح للمهاجمين غير المصرح لهم بتنفيذ أوامر عشوائية. تُصنف الثغرة، المعروفة باسم CVE-2025-9242، بـ 9.3 عل
@Cybercachear
17 Oct 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-9242 — Critical WatchGuard Fireware flaw (CVSS 9.3) Unauthenticated attackers can exploit a 520-byte overflow in IKEv2 before cert checks, executing code on VPN firewalls — even spawning a Python shell over TCP. Patch now ↓ https://t.co/dkehNXYzhi
@TheHackersNews
17 Oct 2025
14700 Impressions
43 Retweets
120 Likes
27 Bookmarks
0 Replies
3 Quotes
yIKEs (WatchGuard Fireware OS IKEv2 Out-of-Bounds Write CVE-2025-9242) - watchTowr Labs https://t.co/NkvmdjmjIz https://t.co/onc1bI7lnb
@secharvesterx
16 Oct 2025
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
csirt_it: ‼️ #WatchGuard: disponibile #PoC per lo sfruttamento della CVE-2025-9242, vulnerabilità “critica” che interessa i firewall #Firebox Rischio: 🔴 Tipologia: 🔸 Remote Code Execution 🔗 https://t.co/lWSYmX04kv 🔄Aggiornamenti disponibili🔄 https://t
@Vulcanux_
16 Oct 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
‼️ #WatchGuard: disponibile #PoC per lo sfruttamento della CVE-2025-9242, vulnerabilità “critica” che interessa i firewall #Firebox Rischio: 🔴 Tipologia: 🔸 Remote Code Execution 🔗 https://t.co/6nRpHz9DI4 🔄Aggiornamenti disponibili🔄 https://t.co/7Bzd8E
@csirt_it
16 Oct 2025
29 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidad en productos WatchGuard ❗CVE-2025-9242 ➡️Más info: https://t.co/dCqO0LBwwC https://t.co/VHTAkNIR3G
@CERTpy
24 Sept 2025
85 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CRITICAL: WatchGuard Firebox CVE-2025-9242 allows remote code execution via IKEv2 VPN! Severity 9.3/10 - attackers can fully control your network. Update Fireware OS immediately or face complete compromise ⚠️🔐 https://t.co/JGxJGnae58 #WatchGuard #CVE20259242 #CyberSecurity
@cheinyeanlim
23 Sept 2025
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical patches issued for WatchGuard Firebox (CVE-2025-9242) and Entra ID (CVE-2025-55241) to prevent VPN and tenant takeover risks. New ransomware strains Sinobi & The Gentlemen emerge. Breaches hit NY Blood Center, SonicWall, KrasAvia. #WatchGuard #C… https://t.co/c13s4
@TweetThreatNews
20 Sept 2025
144 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
WatchGuard Fireboxファイアウォールの重大脆弱性に関する警告(CVE-2025-9242) https://t.co/IJVtY8KHoB #Security #セキュリティ #ニュース
@SecureShield_
19 Sept 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cyber threat roundup 🔥 from the last hour with critical updates on malware, exploits, fraud, espionage & major data breaches affecting global sectors. Here’s what you need to know: 🛡️ Critical zero-day in WatchGuard Firebox firewalls (CVE-2025-9242) allows unauthen
@np_cyber_news
18 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 BREAKING: Critical flaw in WatchGuard Firebox firewalls! CVE-2025-9242 lets remote hackers execute code unauthenticated—patch NOW before your network gets owned. 😱 Don’t wait! #CyberSecurity #WatchGuard https://t.co/EqXfZHSUMx 6
@ScriptingIntune
18 Sept 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-9242 An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both th… https://t.co/fsVNfxVtjX
@CVEnew
17 Sept 2025
297 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL VULNERABILITY ALERT 🚨 WatchGuard Fireware OS is at risk. CVE-2025-9242 is a critical flaw allowing unauthenticated remote code execution. Get the defense playbook & patch now! 🔗 https://t.co/agwf96A9np #CyberSecurity #CVE #ThreatIntel https://t.co/oS7TcWu
@Iambivash007
17 Sept 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2025-9242 (CVSS: 9.3) : WatchGuard Firebox iked Out of Bounds Write Vulnerability The flaw resides in the iked process and could allow a remote unauthenticated attacker to execute arbitrary code on vulnerable Firebox devices. Search by vul.cve https://t.co/VZLfYcPL8W
@zoomeye_team
17 Sept 2025
816 Impressions
2 Retweets
7 Likes
3 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL: CVE-2025-9242 — WatchGuard Fireware OS hit by remote unauthenticated code execution flaw (CVSS 9.3). Immediate mitigation urged for VPN setups w/ dynamic peers! 🔒 Details: https://t.co/JrkCkB8q0v #... https://t.co/ZeBxftHlOK
@offseq
17 Sept 2025
90 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes