WatchGuard Fireware OS CVE-2025-9242 advisory and temporary workaround
Advisory/Mitigation
Summary
Hide ▲
Show ▼
WatchGuard issued a security advisory for Firebox and Fireware OS deployments affected by CVE-2025-9242, adding a temporary workaround for sites that cannot upgrade immediately. The guidance covers configurations using mobile user VPN with IKEv2 and BOVPN with IKEv2 when a dynamic gateway peer is present. The flaw can enable remote code execution, so affected operators are told to remediate quickly.
Related Happenings
Check Point VPN CVE-2026-50751 targeted exploitation wave
Exploitation Wave
H score47
First: 08.06.2026 17:17
Last: 08.06.2026 17:17
Sources 1
About this happening:
**CVE-2026-50751** is an **active exploitation wave** against **Check Point Remote Access VPN** and **Mobile Access** deployments that use **deprecated IKEv1**. The flaw is an **a...
Check Point VPN CVE-2026-50751 targeted exploitation wave
Exploitation WaveAbout this happening: **CVE-2026-50751** is an **active exploitation wave** against **Check Point Remote Access VPN** and **Mobile Access** deployments that use **deprecated IKEv1**. The flaw is an **a...
Check Point security patch release for CVE-2026-50751
Security Patch Release
H score48
First: 08.06.2026 16:05
Last: 08.06.2026 16:05
Sources 1
About this happening:
**Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...
Check Point security patch release for CVE-2026-50751
Security Patch ReleaseAbout this happening: **Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...
Check Point Remote Access VPN and Mobile Access authentication bypass (CVE-2026-50751)
Vulnerability
H score47
First: 08.06.2026 16:05
Last: 08.06.2026 16:05
Sources 1
About this happening:
**Check Point** warned that **CVE-2026-50751** is a **critical authentication bypass** in **Remote Access VPN** and **Mobile Access** deployments using **deprecated IKEv1**, letti...
Check Point Remote Access VPN and Mobile Access authentication bypass (CVE-2026-50751)
VulnerabilityAbout this happening: **Check Point** warned that **CVE-2026-50751** is a **critical authentication bypass** in **Remote Access VPN** and **Mobile Access** deployments using **deprecated IKEv1**, letti...
Windows ikeext.dll double-free RCE (CVE-2026-33824)
Vulnerability
H score37
First: 13.05.2026 16:46
Last: 13.05.2026 16:46
Sources 1
About this happening:
**CVE-2026-33824** is a **double-free flaw** in **Windows ikeext.dll** that can let an **unauthenticated attacker** trigger **remote code execution** on systems with **IKEv2** ena...
Windows ikeext.dll double-free RCE (CVE-2026-33824)
VulnerabilityAbout this happening: **CVE-2026-33824** is a **double-free flaw** in **Windows ikeext.dll** that can let an **unauthenticated attacker** trigger **remote code execution** on systems with **IKEv2** ena...
Cisco security patch release for CVE-2026-20188
Security Patch Release
H score35
First: 06.05.2026 21:06
Last: 06.05.2026 21:06
Sources 1
About this happening:
**Cisco** released security updates for **CVE-2026-20188**, a high-severity **DoS vulnerability** in **Crosswork Network Controller (CNC)** and **Network Services Orchestrator (NS...
Cisco security patch release for CVE-2026-20188
Security Patch ReleaseAbout this happening: **Cisco** released security updates for **CVE-2026-20188**, a high-severity **DoS vulnerability** in **Crosswork Network Controller (CNC)** and **Network Services Orchestrator (NS...
Timeline
-
21.10.2025 13:42 1 articles · 8mo ago
Shadowserver scans find over 71,000 vulnerable WatchGuard devices
Campaign Scope UpdateShadowserver foundation IP data scans indicate that over 71,000 WatchGuard Firebox devices could still be vulnerable as of October 17 because of CVE-2025-9242, an out-of-bounds write flaw in WatchGuard Fireware OS that can enable remote code execution when mobile user VPN with IKEv2 or BOVPN using IKEv2 is configured with a dynamic gateway peer.
Show sources
- Critical WatchGuard Fireware OS Flaw Enables Remote Code Execution — www.infosecurity-magazine.com — 21.10.2025 13:42
-
21.10.2025 13:42 2 articles · 8mo ago
WatchGuard publishes CVE-2025-9242 advisory and temporary workaround
Mitigation Patch UpdateWatchGuard publishes a security advisory for CVE-2025-9242 in Fireware OS, identifies affected versions 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3, and 2025.1, warns that previously configured Firebox deployments with mobile user VPN with IKEv2 or BOVPN using IKEv2 and a dynamic gateway peer may still be vulnerable, and provides a temporary workaround for Firebox systems that cannot be upgraded immediately.
Show sources
- Critical WatchGuard Fireware OS Flaw Enables Remote Code Execution — www.infosecurity-magazine.com — 21.10.2025 13:42
- Critical WatchGuard Fireware OS Flaw Enables Remote Code Execution — www.infosecurity-magazine.com — 21.10.2025 13:42