Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-14733
PUBLISHED
More InfoOfficial Page
Assigner-WatchGuard
Assigner Org ID-5d1c2695-1a31-4499-88ae-e847036fd7e3
View Known Exploited Vulnerability (KEV) details
Published At-19 Dec, 2025 | 00:01
Updated At-26 Feb, 2026 | 16:07
Rejected At-
▼CVE Numbering Authority (CNA)
WatchGuard Firebox iked Out of Bounds Write Vulnerability

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.5 and 2025.1 up to and including 2025.1.3.

Affected Products
Vendor
WatchGuard Technologies, Inc.WatchGuard
Product
Fireware OS
Default Status
unaffected
Versions
Affected
  • From 11.10.2 through 11.12.4+541730 (semver)
  • From 12.0 through 12.11.5 (semver)
  • From 12.5 through 12.5.14 (semver)
  • From 2025.1 through 2025.1.3 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787 Out-of-bounds Write
Type: CWE
CWE ID: CWE-787
Description: CWE-787 Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-100CAPEC-100 Overflow Buffers
CAPEC ID: CAPEC-100
Description: CAPEC-100 Overflow Buffers
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00027
N/A
Hyperlink: https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00027
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
kev
dateAdded:
2025-12-19
reference:
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-14733
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
CVE-2025-14733 added to CISA KEV2025-12-19 00:00:00
Event: CVE-2025-14733 added to CISA KEV
Date: 2025-12-19 00:00:00
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-14733
government-resource
Hyperlink: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-14733
Resource:
government-resource
Details not found