WatchGuard Alerts on Active Exploitation of Network Security Flaws

WatchGuard has addressed a critical vulnerability in its Fireware OS, identified as CVE-2025-14733, which has a high severity score of 9.3. This flaw allows unauthenticated attackers to execute arbitrary code on the system. It impacts mobile VPNs using IKEv2 and branch office VPNs with dynamic gateways. Even if VPN settings are removed, systems with a fixed gateway branch office VPN remain vulnerable.

Hackers are actively exploiting this vulnerability, with attacks traced to specific IP addresses. Notably, the IP address "199[.]247.7.82" has also been linked to attacks on Fortinet products using other high-severity vulnerabilities. WatchGuard provides methods to detect infections and recommends users promptly update their systems.

To mitigate risks temporarily, WatchGuard advises disabling dynamic peer VPNs, listing fixed IP addresses of remote VPN peers, implementing firewall rules for these addresses, and disabling default VPN traffic rules. The announcement follows a previous vulnerability (CVE-2025-9242) in Fireware OS, also actively exploited.

Stay secure — stay Wavasec. 🔐