WatchGuard security patch release for CVE-2025-14733
Security Patch Release
Summary
Hide ▲
Show ▼
WatchGuard released security updates for CVE-2025-14733, a critical Firebox firewall flaw that can lead to remote code execution and is already exploited in the wild. The update affects Fireware OS releases across the 11.x, 12.x, and 2025.1 branches, with exposure concentrated on systems configured for IKEv2 VPN. WatchGuard also provided temporary mitigation steps for teams that cannot patch immediately.
Related Happenings
Check Point VPN CVE-2026-50751 targeted exploitation wave
Exploitation Wave
H score47
First: 08.06.2026 17:17
Last: 08.06.2026 17:17
Sources 1
About this happening:
**CVE-2026-50751** is an **active exploitation wave** against **Check Point Remote Access VPN** and **Mobile Access** deployments that use **deprecated IKEv1**. The flaw is an **a...
Check Point VPN CVE-2026-50751 targeted exploitation wave
Exploitation WaveAbout this happening: **CVE-2026-50751** is an **active exploitation wave** against **Check Point Remote Access VPN** and **Mobile Access** deployments that use **deprecated IKEv1**. The flaw is an **a...
Check Point security patch release for CVE-2026-50751
Security Patch Release
H score48
First: 08.06.2026 16:05
Last: 08.06.2026 16:05
Sources 1
About this happening:
**Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...
Check Point security patch release for CVE-2026-50751
Security Patch ReleaseAbout this happening: **Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch Release
H score62
First: 15.04.2026 00:22
Last: 15.04.2026 00:22
Sources 1
About this happening:
**Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch ReleaseAbout this happening: **Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
Progress security patch release for CVE-2026-2699
Security Patch Release
H score68
First: 02.04.2026 16:33
Last: 02.04.2026 16:33
Sources 1
About this happening:
**Progress** released **ShareFile 5.12.4** on **March 10** to fix **CVE-2026-2699** and **CVE-2026-2701** in the **Storage Zones Controller (SZC)** for **branch 5.x**. The update...
Progress security patch release for CVE-2026-2699
Security Patch ReleaseAbout this happening: **Progress** released **ShareFile 5.12.4** on **March 10** to fix **CVE-2026-2699** and **CVE-2026-2701** in the **Storage Zones Controller (SZC)** for **branch 5.x**. The update...
Citrix security patch release for CVE-2026-3055
Security Patch Release
H score44
First: 24.03.2026 07:59
Last: 24.03.2026 07:59
Sources 1
About this happening:
Citrix's **NetScaler ADC** and **NetScaler Gateway** updates close **CVE-2026-3055** and **CVE-2026-4368**, including a flaw that could leak sensitive memory from configured appli...
Citrix security patch release for CVE-2026-3055
Security Patch ReleaseAbout this happening: Citrix's **NetScaler ADC** and **NetScaler Gateway** updates close **CVE-2026-3055** and **CVE-2026-4368**, including a flaw that could leak sensitive memory from configured appli...
Timeline
-
22.12.2025 11:00 2 articles · 6mo ago
WatchGuard releases CVE-2025-14733 fixes
Initial DisclosureWatchGuard released CVE-2025-14733 security updates for Firebox firewalls running Fireware OS 11.x, 12.x, and 2025.1 branches and marked the flaw as exploited in the wild. The vulnerability is an out-of-bounds write in the iked process that can let a remote unauthenticated attacker execute arbitrary code on devices configured for IKEv2 VPN, including some Branch Office VPN setups.
Show sources
- Critical RCE flaw impacts over 115,000 WatchGuard firewalls — www.bleepingcomputer.com — 22.12.2025 11:00
- Critical RCE flaw impacts over 115,000 WatchGuard firewalls — www.bleepingcomputer.com — 22.12.2025 11:00
-
22.12.2025 11:00 1 articles · 6mo ago
CISA adds CVE-2025-14733 to KEV
Legal Policy Action UpdateCISA added CVE-2025-14733 to the Known Exploited Vulnerabilities Catalog and ordered Federal Civilian Executive Branch agencies to patch Firebox firewalls within a week, by December 26th, under BOD 22-01. The agency warned that vulnerabilities of this type are a frequent attack vector and said defenders should apply vendor mitigations or discontinue use of the product if mitigations are unavailable.
Show sources
- Critical RCE flaw impacts over 115,000 WatchGuard firewalls — www.bleepingcomputer.com — 22.12.2025 11:00
-
22.12.2025 11:00 1 articles · 6mo ago
Shadowserver counts 124,658 exposed Firebox devices
Campaign Scope UpdateShadowserver found over 124,658 unpatched Firebox instances exposed online on Saturday, showing that a large population of internet-facing Firebox devices remained vulnerable to CVE-2025-14733 despite available updates.
Show sources
- Critical RCE flaw impacts over 115,000 WatchGuard firewalls — www.bleepingcomputer.com — 22.12.2025 11:00
-
22.12.2025 11:00 1 articles · 6mo ago
Shadowserver still sees 117,490 exposed Firebox devices
Campaign Scope UpdateShadowserver still saw 117,490 unpatched Firebox instances exposed online on Sunday, indicating that exposure remained widespread the next day across internet-facing Firebox devices vulnerable to CVE-2025-14733.
Show sources
- Critical RCE flaw impacts over 115,000 WatchGuard firewalls — www.bleepingcomputer.com — 22.12.2025 11:00