CVE-2025-14733
Essential information
- Published
- 19/12/2025 01:16
- Modified
- 23/12/2025 11:34
- Author
- —
- Creator
- —
- CVSS
- 9.3 CRITICAL (v3) 9.3 CRITICAL (v4.0)
- CISA KEV
- No
- CWE
- —
- CVSS vector
-
—
—
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Privileges required
- —
- User interaction
- —
- Scope
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- NETWORK
- Attack complexity
- LOW
- Attack requirements
- NONE
- Privileges required
- NONE
- User interaction
- NONE
- Confidentiality (V)
- HIGH
- Confidentiality (S)
- NONE
- Integrity (V)
- HIGH
- Integrity (S)
- NONE
- Availability (V)
- HIGH
- Availability (S)
- NONE
- Exploit maturity
- NOT_DEFINED
Description
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.5 and 2025.1 up to and including 2025.1.3.
NVD status
- Status
- Analyzed — CVE has had analysis completed and all data associations made.
- Source
- 5d1c2695-1a31-4499-88ae-e847036fd7e3
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| watchguard / fireware | cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:* |
| watchguard / firebox t15 | cpe:2.3:h:watchguard:firebox_t15:*:*:*:*:*:*:*:* |
| watchguard / firebox t35 | cpe:2.3:h:watchguard:firebox_t35:*:*:*:*:*:*:*:* |
| watchguard / fireware | cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:* |
| watchguard / firebox m270 | cpe:2.3:h:watchguard:firebox_m270:*:*:*:*:*:*:*:* |
| watchguard / firebox m290 | cpe:2.3:h:watchguard:firebox_m290:*:*:*:*:*:*:*:* |
| watchguard / firebox m370 | cpe:2.3:h:watchguard:firebox_m370:*:*:*:*:*:*:*:* |
| watchguard / firebox m390 | cpe:2.3:h:watchguard:firebox_m390:*:*:*:*:*:*:*:* |
| watchguard / firebox m440 | cpe:2.3:h:watchguard:firebox_m440:*:*:*:*:*:*:*:* |
| watchguard / firebox m4600 | cpe:2.3:h:watchguard:firebox_m4600:*:*:*:*:*:*:*:* |
| watchguard / firebox m470 | cpe:2.3:h:watchguard:firebox_m470:*:*:*:*:*:*:*:* |
| watchguard / firebox m4800 | cpe:2.3:h:watchguard:firebox_m4800:*:*:*:*:*:*:*:* |
| watchguard / firebox m5600 | cpe:2.3:h:watchguard:firebox_m5600:*:*:*:*:*:*:*:* |
| watchguard / firebox m570 | cpe:2.3:h:watchguard:firebox_m570:*:*:*:*:*:*:*:* |
| watchguard / firebox m5800 | cpe:2.3:h:watchguard:firebox_m5800:*:*:*:*:*:*:*:* |
| watchguard / firebox m590 | cpe:2.3:h:watchguard:firebox_m590:*:*:*:*:*:*:*:* |
| watchguard / firebox m670 | cpe:2.3:h:watchguard:firebox_m670:*:*:*:*:*:*:*:* |
| watchguard / firebox m690 | cpe:2.3:h:watchguard:firebox_m690:*:*:*:*:*:*:*:* |
| watchguard / firebox nv5 | cpe:2.3:h:watchguard:firebox_nv5:*:*:*:*:*:*:*:* |
| watchguard / firebox t20 | cpe:2.3:h:watchguard:firebox_t20:*:*:*:*:*:*:*:* |
| watchguard / firebox t25 | cpe:2.3:h:watchguard:firebox_t25:*:*:*:*:*:*:*:* |
| watchguard / firebox t40 | cpe:2.3:h:watchguard:firebox_t40:*:*:*:*:*:*:*:* |
| watchguard / firebox t45 | cpe:2.3:h:watchguard:firebox_t45:*:*:*:*:*:*:*:* |
| watchguard / firebox t55 | cpe:2.3:h:watchguard:firebox_t55:*:*:*:*:*:*:*:* |
| watchguard / firebox t70 | cpe:2.3:h:watchguard:firebox_t70:*:*:*:*:*:*:*:* |
| watchguard / firebox t80 | cpe:2.3:h:watchguard:firebox_t80:*:*:*:*:*:*:*:* |
| watchguard / firebox t85 | cpe:2.3:h:watchguard:firebox_t85:*:*:*:*:*:*:*:* |
| watchguard / fireboxcloud | cpe:2.3:h:watchguard:fireboxcloud:*:*:*:*:*:*:*:* |
| watchguard / fireboxv | cpe:2.3:h:watchguard:fireboxv:*:*:*:*:*:*:*:* |
| watchguard / fireware | cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:* |
| watchguard / firebox t115-w | cpe:2.3:h:watchguard:firebox_t115-w:*:*:*:*:*:*:*:* |
| watchguard / firebox t125 | cpe:2.3:h:watchguard:firebox_t125:*:*:*:*:*:*:*:* |
| watchguard / firebox t125-w | cpe:2.3:h:watchguard:firebox_t125-w:*:*:*:*:*:*:*:* |
| watchguard / firebox t145 | cpe:2.3:h:watchguard:firebox_t145:*:*:*:*:*:*:*:* |
| watchguard / firebox t145-w | cpe:2.3:h:watchguard:firebox_t145-w:*:*:*:*:*:*:*:* |
| watchguard / firebox t185 | cpe:2.3:h:watchguard:firebox_t185:*:*:*:*:*:*:*:* |