CVE-2025-14733 WatchGuard iked RCE
Out-of-bounds write vulnerability in the Fireware OS IKE daemon that enables unauthenticated remote code execution via malicious IKEv2 certificates, affecting 117,490+ internet-exposed instances.

WatchGuard Fireware CVE-2025-14733: Out-of-Bounds Write in iked Enables Unauthenticated RCE on 117,490+ Exposed Firewalls
A critical out-of-bounds write vulnerability in WatchGuard Fireware OS allows unauthenticated remote attackers to execute arbitrary code on perimeter devices via malicious IKEv2 packets. There are 117,490 exposed instances globally, 35,600+ of them in the U.S., and active exploitation has been confirmed since December 2025.
