{"id":243602,"date":"2025-12-21T01:33:23","date_gmt":"2025-12-21T01:33:23","guid":{"rendered":"https:\/\/www.europesays.com\/ie\/243602\/"},"modified":"2025-12-21T01:33:23","modified_gmt":"2025-12-21T01:33:23","slug":"critical-watchguard-firebox-vulnerability-exploited-in-attacks","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/ie\/243602\/","title":{"rendered":"\u2018Critical\u2019 WatchGuard Firebox Vulnerability Exploited In Attacks"},"content":{"rendered":"<p>The vulnerability in WatchGuard\u2019s next-generation firewall \u2018poses significant risks,\u2019 the U.S. cybersecurity agency says.<\/p>\n<p>            <img decoding=\"async\" loading=\"lazy\" alt=\"\" src=\".\/media_1eb8e91de0beaab25412c08e15de809f4e52bcc18.png?width=750&amp;format=png&amp;optimize=medium\" width=\"611\" height=\"458\"\/><\/p>\n<p>A critical-severity vulnerability impacting customers of WatchGuard\u2019s next-generation firewall, Firebox, has seen exploitation in cyberattacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed Friday.<\/p>\n<p>The remote code execution flaw (tracked as CVE-2025-14733) was disclosed Thursday by WatchGuard in an advisory that referenced attempted exploitation by attackers.<\/p>\n<p><strong>[Related: <a href=\"https:\/\/www.crn.com\/news\/security\/2025\/10-major-cyberattacks-and-data-breaches-in-2025\" rel=\"nofollow noopener\" target=\"_blank\">10 Major Cyberattacks And Data Breaches In 2025<\/a>]<\/strong><\/p>\n<p>WatchGuard has \u201cobserved threat actors actively attempting to exploit this vulnerability in the wild,\u201d the company said. The <a href=\"https:\/\/www.watchguard.com\/wgrd-psirt\/advisory\/wgsa-2025-00027\" rel=\"nofollow noopener\" target=\"_blank\">advisory<\/a> did not specify whether the attempts had been successful in compromising Firebox devices.<\/p>\n<p>However, CISA <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2025\/12\/19\/cisa-adds-one-known-exploited-vulnerability-catalog\" rel=\"nofollow noopener\" target=\"_blank\">disclosed<\/a> Friday that based on \u201cevidence of active exploitation,\u201d the agency has now added the flaw to its catalog of exploited vulnerabilities.<\/p>\n<p>CISA said it is urging a quick response to the threat by setting a deadline of Dec. 26 for patching, which gives federal agencies just a week to remediate the issue.<\/p>\n<p>This flaw impacts Fireware OS 11.10.2 (up to and including 11.12.4_Update1); version 12.0 (up to and including 12.11.5); and version 2025.1 (up to and including 2025.1.3), WatchGuard said in its advisory.<\/p>\n<p>The out-of-bounds write vulnerability \u201cmay allow a remote unauthenticated attacker to execute arbitrary code,\u201d the company said.<\/p>\n<p>In a statement provided to CRN Friday, WatchGuard said an internal investigation had identified the vulnerability on Monday and a \u201cpatch was quickly made available\u201d on Thursday.<\/p>\n<p>The vulnerability has received a severity score of 9.3 out of 10.0, making it a \u201ccritical\u201d issue.<\/p>\n<p>\u201cThis type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise,\u201d CISA said in its advisory Friday.<\/p>\n<p>While the order only applies to Federal Civilian Executive Branch agencies, CISA \u201cstrongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of [such] vulnerabilities as part of their vulnerability management practice,\u201d CISA said.<\/p>\n<p>In its statement provided to CRN, WatchGuard noted that the Firebox attacks are part of a \u201cwider attack campaign against edge networking and exposed infrastructure from multiple vendors.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"The vulnerability in WatchGuard\u2019s next-generation firewall \u2018poses significant risks,\u2019 the U.S. cybersecurity agency says. A critical-severity vulnerability impacting&hellip;\n","protected":false},"author":2,"featured_media":243603,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[74],"tags":[19260,982,18,19,17,11951,82,106475],"class_list":{"0":"post-243602","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-technology","8":"tag-cyberattacks","9":"tag-cybersecurity","10":"tag-eire","11":"tag-ie","12":"tag-ireland","13":"tag-network-security","14":"tag-technology","15":"tag-vulnerabilities"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@ie\/115754985390130561","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/posts\/243602","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/comments?post=243602"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/posts\/243602\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/media\/243603"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/media?parent=243602"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/categories?post=243602"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/tags?post=243602"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}