Find notable cyber news and cases, enriched with sources, timelines, and signals.

WatchGuard security patch release for CVE-2025-14733

Security Patch Release
First reported
Last updated
Happening score
H score 42
1 unique sources, 1 articles

Summary

Hide ▲

WatchGuard released security updates for CVE-2025-14733, a critical Firebox firewall flaw that can lead to remote code execution and is already exploited in the wild. The update affects Fireware OS releases across the 11.x, 12.x, and 2025.1 branches, with exposure concentrated on systems configured for IKEv2 VPN. WatchGuard also provided temporary mitigation steps for teams that cannot patch immediately.

Related Happenings

Check Point VPN CVE-2026-50751 targeted exploitation wave

Exploitation Wave
H score47 First: 08.06.2026 17:17 Last: 08.06.2026 17:17 Sources 1

About this happening: **CVE-2026-50751** is an **active exploitation wave** against **Check Point Remote Access VPN** and **Mobile Access** deployments that use **deprecated IKEv1**. The flaw is an **a...

Check Point security patch release for CVE-2026-50751

Security Patch Release
H score48 First: 08.06.2026 16:05 Last: 08.06.2026 16:05 Sources 1

About this happening: **Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...

Microsoft April 2026 Patch Tuesday security update (165 CVEs)

Security Patch Release
H score62 First: 15.04.2026 00:22 Last: 15.04.2026 00:22 Sources 1

About this happening: **Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...

Progress security patch release for CVE-2026-2699

Security Patch Release
H score68 First: 02.04.2026 16:33 Last: 02.04.2026 16:33 Sources 1

About this happening: **Progress** released **ShareFile 5.12.4** on **March 10** to fix **CVE-2026-2699** and **CVE-2026-2701** in the **Storage Zones Controller (SZC)** for **branch 5.x**. The update...

Citrix security patch release for CVE-2026-3055

Security Patch Release
H score44 First: 24.03.2026 07:59 Last: 24.03.2026 07:59 Sources 1

About this happening: Citrix's **NetScaler ADC** and **NetScaler Gateway** updates close **CVE-2026-3055** and **CVE-2026-4368**, including a flaw that could leak sensitive memory from configured appli...

Timeline

  1. 22.12.2025 11:00 2 articles · 6mo ago

    WatchGuard releases CVE-2025-14733 fixes

    Initial Disclosure

    WatchGuard released CVE-2025-14733 security updates for Firebox firewalls running Fireware OS 11.x, 12.x, and 2025.1 branches and marked the flaw as exploited in the wild. The vulnerability is an out-of-bounds write in the iked process that can let a remote unauthenticated attacker execute arbitrary code on devices configured for IKEv2 VPN, including some Branch Office VPN setups.

    Show sources
  2. 22.12.2025 11:00 1 articles · 6mo ago

    CISA adds CVE-2025-14733 to KEV

    Legal Policy Action Update

    CISA added CVE-2025-14733 to the Known Exploited Vulnerabilities Catalog and ordered Federal Civilian Executive Branch agencies to patch Firebox firewalls within a week, by December 26th, under BOD 22-01. The agency warned that vulnerabilities of this type are a frequent attack vector and said defenders should apply vendor mitigations or discontinue use of the product if mitigations are unavailable.

    Show sources
  3. 22.12.2025 11:00 1 articles · 6mo ago

    Shadowserver counts 124,658 exposed Firebox devices

    Campaign Scope Update

    Shadowserver found over 124,658 unpatched Firebox instances exposed online on Saturday, showing that a large population of internet-facing Firebox devices remained vulnerable to CVE-2025-14733 despite available updates.

    Show sources
  4. 22.12.2025 11:00 1 articles · 6mo ago

    Shadowserver still sees 117,490 exposed Firebox devices

    Campaign Scope Update

    Shadowserver still saw 117,490 unpatched Firebox instances exposed online on Sunday, indicating that exposure remained widespread the next day across internet-facing Firebox devices vulnerable to CVE-2025-14733.

    Show sources