CVE-2025-9242

216.73.217.22

· Published 17/09/2025 08:15 · Modified 17/09/2025 14:18

Labels: CVE-2025-9242 2025-09-17 5d1c2695-1a31-4499-88ae-e847036fd7e3 CVE-2025-9242 CWE-787

Essential information

Published: 17/09/2025 08:15
Modified: 17/09/2025 14:18
Author: —
Creator: —
CVSS: 9.3 CRITICAL (v3) 9.3 CRITICAL (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1.

NVD status

Status: Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source: 5d1c2695-1a31-4499-88ae-e847036fd7e3
NVD: View on NVD

Affected products (CPE)

Product	CPE
watchguard / fireware os	`cpe:2.3:a:watchguard:fireware_os:11.10.2-11.12.4_update1:::::::*`
watchguard / fireware os	`cpe:2.3:a:watchguard:fireware_os:12.0-12.11.3:::::::*`
watchguard / fireware os	`cpe:2.3:a:watchguard:fireware_os:2025.1:::::::*`