Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

WatchGuard Fireware OS CVE-2025-9242 advisory and temporary workaround

Advisory/Mitigation
First reported
Last updated
Happening score
H score 30
1 unique sources, 1 articles

Summary

Hide ▲

WatchGuard issued a security advisory for Firebox and Fireware OS deployments affected by CVE-2025-9242, adding a temporary workaround for sites that cannot upgrade immediately. The guidance covers configurations using mobile user VPN with IKEv2 and BOVPN with IKEv2 when a dynamic gateway peer is present. The flaw can enable remote code execution, so affected operators are told to remediate quickly.

Related Happenings

Windows ikeext.dll double-free RCE (CVE-2026-33824)

Vulnerability
First: 13.05.2026 16:46 Last: 13.05.2026 16:46 Sources 1

About this happening: **CVE-2026-33824** is a **double-free flaw** in **Windows ikeext.dll** that can let an **unauthenticated attacker** trigger **remote code execution** on systems with **IKEv2** ena...

Open Happening

Cisco security patch release for CVE-2026-20188

Security Patch Release
First: 06.05.2026 21:06 Last: 06.05.2026 21:06 Sources 1

About this happening: **Cisco** released security updates for **CVE-2026-20188**, a high-severity **DoS vulnerability** in **Crosswork Network Controller (CNC)** and **Network Services Orchestrator (NS...

Open Happening

Cisco security patch release for CVE-2026-20184

Security Patch Release
First: 16.04.2026 14:27 Last: 16.04.2026 14:27 Sources 1

About this happening: **Cisco** released patches for **four critical flaws** affecting **Identity Services Engine (ISE)**, **ISE-PIC**, and **Webex Services**, closing paths to **arbitrary code executi...

Open Happening

Cisco ISE and ISE-PIC input-validation RCE (CVE-2026-20147)

Vulnerability
First: 16.04.2026 14:27 Last: 16.04.2026 14:27 Sources 1

About this happening: Cisco's **CVE-2026-20147** flaw in **Identity Services Engine (ISE)** and **ISE-PIC** can let authenticated admins reach **remote code execution** by sending **crafted HTTP reques...

Open Happening

Cisco IMC password change authentication bypass (CVE-2026-20093)

Vulnerability
First: 02.04.2026 14:01 Last: 02.04.2026 14:01 Sources 1

About this happening: Cisco released **security updates** for **Cisco IMC/CIMC** after a **password-change authentication bypass** was found that lets **unauthenticated attackers** gain **Admin access*...

Open Happening

Timeline

  1. 21.10.2025 13:42 1 articles · 7mo ago

    Shadowserver scans find over 71,000 vulnerable WatchGuard devices

    Campaign Scope Update

    Shadowserver foundation IP data scans indicate that over 71,000 WatchGuard Firebox devices could still be vulnerable as of October 17 because of CVE-2025-9242, an out-of-bounds write flaw in WatchGuard Fireware OS that can enable remote code execution when mobile user VPN with IKEv2 or BOVPN using IKEv2 is configured with a dynamic gateway peer.

    Show sources
    Open in new tab
  2. 21.10.2025 13:42 2 articles · 7mo ago

    WatchGuard publishes CVE-2025-9242 advisory and temporary workaround

    Mitigation Patch Update

    WatchGuard publishes a security advisory for CVE-2025-9242 in Fireware OS, identifies affected versions 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3, and 2025.1, warns that previously configured Firebox deployments with mobile user VPN with IKEv2 or BOVPN using IKEv2 and a dynamic gateway peer may still be vulnerable, and provides a temporary workaround for Firebox systems that cannot be upgraded immediately.

    Show sources
    Open in new tab