CVE-2025-9242

Published: Sep 17, 2025

Modified: Feb 26, 2026

PUBLISHED

Description

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1.

Vendor	Product	Versions
WatchGuard	Fireware OS	affected `12.0 - <= 12.11.3` affected `11.10.2 - <= 11.12.4+541730` affected `2025.0 - <= 2025.1`

Weaknesses (CWE)

CWE-787

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00015

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-9242

Description

Affected Products

Weaknesses (CWE)

References