Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2025-9242

UNKNOWN
Published 2025-09-17T07:29:23.738Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2025-9242. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

WatchGuard

Fireware OS

Affected Versions:

12.0 11.10.2 2025.1

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

EU Coordinated

Exploitation Status

No Known Exploitation

EUVD ID

View on ENISA

ENISA Analysis

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1.

Affected Products (ENISA)

watchguard
fireware os

ENISA Scoring

CVSS Score (4.0)

9.3
/10
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.280
probability

ENISA References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00015
https://nvd.nist.gov/vuln/detail/CVE-2025-9242

Data provided by ENISA EU Vulnerability Database. Last updated: September 17, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed CRITICAL

GHSA-g6q4-chqv-724q

Advisory Details

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1.

CVSS Scoring

CVSS Score

9.0

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-9242
WEB https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00015

Advisory provided by GitHub Security Advisory Database. Published: September 17, 2025, Modified: September 17, 2025

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

2 posts
Reddit 14 hours, 56 minutes ago
_cybersecurity_
Exploit

Critical WatchGuard Vulnerability Exposes Firebox Devices to Code Execution Risks **A serious vulnerability in WatchGuard Firebox firewalls could allow unauthenticated attackers to execute arbitrary code remotely.** **Key Points:** - Vulnerability tracked as CVE-2025-9242 with a CVSS score of 9.3. - Affected devices run specific versions of Fireware OS, particularly with …

1
1
3.0
View Original High Risk
Reddit 17 hours, 38 minutes ago
xbbdc

WatchGuard Firebox iked Out of Bounds Write Vulnerability (CVE-2025-9242)

9
3
15.0
View Original

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00015
Published: 2025-09-17T07:29:23.738Z
Last Modified: 2025-09-18T03:55:13.473Z
Copied to clipboard!