IKE Protocol Authentication Bypass

Memory corruption in IKEv2 handshake processing allows unauthenticated VPN concentration device compromise and potential lateral movement into protected enterprise networks.

WatchGuard Fireware CVE-2025-14733: Out-of-Bounds Write in iked Enables Unauthenticated RCE on 117,490+ Exposed Firewalls

Jan 4, 2026

—

by

Peter Chofield

in Cyber News & Updates

A critical out-of-bounds write vulnerability in WatchGuard Fireware OS allows unauthenticated remote attackers to execute arbitrary code on perimeter devices via malicious IKEv2 packets. 117,490 exposed instances globally, 35,600+ in the U.S., with active exploitation confirmed since December 2025.

IKE Protocol Authentication Bypass

WatchGuard Fireware CVE-2025-14733: Out-of-Bounds Write in iked Enables Unauthenticated RCE on 117,490+ Exposed Firewalls