WatchGuard security patch release for CVE-2025-14733
Security Patch Release
Summary
Hide ▲
Show ▼
WatchGuard released security updates for CVE-2025-14733, a critical Firebox firewall flaw that can lead to remote code execution and is already exploited in the wild. The update affects Fireware OS releases across the 11.x, 12.x, and 2025.1 branches, with exposure concentrated on systems configured for IKEv2 VPN. WatchGuard also provided temporary mitigation steps for teams that cannot patch immediately.
Related Happenings
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch Release
First: 15.04.2026 00:22
Last: 15.04.2026 00:22
Sources 1
About this happening:
**Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch ReleaseAbout this happening: **Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
Progress security patch release for CVE-2026-2699
Security Patch Release
First: 02.04.2026 16:33
Last: 02.04.2026 16:33
Sources 1
About this happening:
**Progress** released **ShareFile 5.12.4** on **March 10** to fix **CVE-2026-2699** and **CVE-2026-2701** in the **Storage Zones Controller (SZC)** for **branch 5.x**. The update...
Progress security patch release for CVE-2026-2699
Security Patch ReleaseAbout this happening: **Progress** released **ShareFile 5.12.4** on **March 10** to fix **CVE-2026-2699** and **CVE-2026-2701** in the **Storage Zones Controller (SZC)** for **branch 5.x**. The update...
Citrix security patch release for CVE-2026-3055
Security Patch Release
First: 24.03.2026 07:59
Last: 24.03.2026 07:59
Sources 1
About this happening:
Citrix's **NetScaler ADC** and **NetScaler Gateway** updates close **CVE-2026-3055** and **CVE-2026-4368**, including a flaw that could leak sensitive memory from configured appli...
Citrix security patch release for CVE-2026-3055
Security Patch ReleaseAbout this happening: Citrix's **NetScaler ADC** and **NetScaler Gateway** updates close **CVE-2026-3055** and **CVE-2026-4368**, including a flaw that could leak sensitive memory from configured appli...
Juniper Networks security patch release for CVE-2026-21902
Security Patch Release
First: 26.02.2026 18:42
Last: 26.02.2026 18:42
Sources 1
About this happening:
**Juniper Networks** has released fixes for **CVE-2026-21902** in **Junos OS Evolved** on **PTX Series routers**, closing a flaw that could let an unauthenticated attacker run cod...
Juniper Networks security patch release for CVE-2026-21902
Security Patch ReleaseAbout this happening: **Juniper Networks** has released fixes for **CVE-2026-21902** in **Junos OS Evolved** on **PTX Series routers**, closing a flaw that could let an unauthenticated attacker run cod...
N8n 2.4.0 security update for sandbox-escape flaw (CVE-2026-25049)
Security Patch Release
First: 04.02.2026 23:14
Last: 04.02.2026 23:14
Sources 1
About this happening:
**n8n** released **version 2.4.0** on **January 12, 2026**, fixing a **sandbox-escape bypass** that could let authenticated workflow editors achieve **remote code execution** on a...
N8n 2.4.0 security update for sandbox-escape flaw (CVE-2026-25049)
Security Patch ReleaseAbout this happening: **n8n** released **version 2.4.0** on **January 12, 2026**, fixing a **sandbox-escape bypass** that could let authenticated workflow editors achieve **remote code execution** on a...
Timeline
-
22.12.2025 11:00 2 articles · 5mo ago
WatchGuard releases CVE-2025-14733 fixes
Initial DisclosureWatchGuard released CVE-2025-14733 security updates for Firebox firewalls running Fireware OS 11.x, 12.x, and 2025.1 branches and marked the flaw as exploited in the wild. The vulnerability is an out-of-bounds write in the iked process that can let a remote unauthenticated attacker execute arbitrary code on devices configured for IKEv2 VPN, including some Branch Office VPN setups.
Show sources
- Critical RCE flaw impacts over 115,000 WatchGuard firewalls — www.bleepingcomputer.com — 22.12.2025 11:00
- Critical RCE flaw impacts over 115,000 WatchGuard firewalls — www.bleepingcomputer.com — 22.12.2025 11:00
-
22.12.2025 11:00 1 articles · 5mo ago
CISA adds CVE-2025-14733 to KEV
Legal Policy Action UpdateCISA added CVE-2025-14733 to the Known Exploited Vulnerabilities Catalog and ordered Federal Civilian Executive Branch agencies to patch Firebox firewalls within a week, by December 26th, under BOD 22-01. The agency warned that vulnerabilities of this type are a frequent attack vector and said defenders should apply vendor mitigations or discontinue use of the product if mitigations are unavailable.
Show sources
- Critical RCE flaw impacts over 115,000 WatchGuard firewalls — www.bleepingcomputer.com — 22.12.2025 11:00
-
22.12.2025 11:00 1 articles · 5mo ago
Shadowserver counts 124,658 exposed Firebox devices
Campaign Scope UpdateShadowserver found over 124,658 unpatched Firebox instances exposed online on Saturday, showing that a large population of internet-facing Firebox devices remained vulnerable to CVE-2025-14733 despite available updates.
Show sources
- Critical RCE flaw impacts over 115,000 WatchGuard firewalls — www.bleepingcomputer.com — 22.12.2025 11:00
-
22.12.2025 11:00 1 articles · 5mo ago
Shadowserver still sees 117,490 exposed Firebox devices
Campaign Scope UpdateShadowserver still saw 117,490 unpatched Firebox instances exposed online on Sunday, indicating that exposure remained widespread the next day across internet-facing Firebox devices vulnerable to CVE-2025-14733.
Show sources
- Critical RCE flaw impacts over 115,000 WatchGuard firewalls — www.bleepingcomputer.com — 22.12.2025 11:00