Find notable cyber news and cases, enriched with sources, timelines, and signals.

WatchGuard Fireware OS CVE-2025-9242 advisory and temporary workaround

Advisory/Mitigation
First reported
Last updated
Happening score
H score 40
1 unique sources, 1 articles

Summary

Hide ▲

WatchGuard issued a security advisory for Firebox and Fireware OS deployments affected by CVE-2025-9242, adding a temporary workaround for sites that cannot upgrade immediately. The guidance covers configurations using mobile user VPN with IKEv2 and BOVPN with IKEv2 when a dynamic gateway peer is present. The flaw can enable remote code execution, so affected operators are told to remediate quickly.

Related Happenings

Check Point VPN CVE-2026-50751 targeted exploitation wave

Exploitation Wave
H score47 First: 08.06.2026 17:17 Last: 08.06.2026 17:17 Sources 1

About this happening: **CVE-2026-50751** is an **active exploitation wave** against **Check Point Remote Access VPN** and **Mobile Access** deployments that use **deprecated IKEv1**. The flaw is an **a...

Check Point security patch release for CVE-2026-50751

Security Patch Release
H score48 First: 08.06.2026 16:05 Last: 08.06.2026 16:05 Sources 1

About this happening: **Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...

Check Point Remote Access VPN and Mobile Access authentication bypass (CVE-2026-50751)

Vulnerability
H score47 First: 08.06.2026 16:05 Last: 08.06.2026 16:05 Sources 1

About this happening: **Check Point** warned that **CVE-2026-50751** is a **critical authentication bypass** in **Remote Access VPN** and **Mobile Access** deployments using **deprecated IKEv1**, letti...

Windows ikeext.dll double-free RCE (CVE-2026-33824)

Vulnerability
H score37 First: 13.05.2026 16:46 Last: 13.05.2026 16:46 Sources 1

About this happening: **CVE-2026-33824** is a **double-free flaw** in **Windows ikeext.dll** that can let an **unauthenticated attacker** trigger **remote code execution** on systems with **IKEv2** ena...

Cisco security patch release for CVE-2026-20188

Security Patch Release
H score35 First: 06.05.2026 21:06 Last: 06.05.2026 21:06 Sources 1

About this happening: **Cisco** released security updates for **CVE-2026-20188**, a high-severity **DoS vulnerability** in **Crosswork Network Controller (CNC)** and **Network Services Orchestrator (NS...

Timeline

  1. 21.10.2025 13:42 1 articles · 8mo ago

    Shadowserver scans find over 71,000 vulnerable WatchGuard devices

    Campaign Scope Update

    Shadowserver foundation IP data scans indicate that over 71,000 WatchGuard Firebox devices could still be vulnerable as of October 17 because of CVE-2025-9242, an out-of-bounds write flaw in WatchGuard Fireware OS that can enable remote code execution when mobile user VPN with IKEv2 or BOVPN using IKEv2 is configured with a dynamic gateway peer.

    Show sources
  2. 21.10.2025 13:42 2 articles · 8mo ago

    WatchGuard publishes CVE-2025-9242 advisory and temporary workaround

    Mitigation Patch Update

    WatchGuard publishes a security advisory for CVE-2025-9242 in Fireware OS, identifies affected versions 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3, and 2025.1, warns that previously configured Firebox deployments with mobile user VPN with IKEv2 or BOVPN using IKEv2 and a dynamic gateway peer may still be vulnerable, and provides a temporary workaround for Firebox systems that cannot be upgraded immediately.

    Show sources