WatchGuard Firebox Firestorm: Over 115K Devices Still Vulnerable to RCE Attacks!
Over 115,000 WatchGuard Firebox devices are still unpatched against CVE-2025-14733, a critical remote code execution vulnerability. Despite patches being available, many remain exposed online. WatchGuard warns of risks even with removed vulnerable configurations and advises rotating all locally stored secrets on compromised devices.
Hot Take:
Looks like WatchGuard Firebox devices are playing a game of “How Many Vulnerabilities Can We Fit in One Firewall?” If unpatched Fireboxes were a TV show, they’d be the “Days of Our Unpatched Lives,” featuring riveting episodes of remote code execution and VPN drama. It’s a soap opera no one wants to star in. Patch up, folks, before these firewalls turn your network into the Wild Wild West of cyber threats!
Key Points:
- Over 115,000 WatchGuard Firebox devices are exposed online, unpatched against a critical RCE vulnerability.
- The vulnerability (CVE-2025-14733) affects Firebox firewalls running specific versions of Fireware OS.
- Unauthenticated attackers can exploit this flaw to execute arbitrary code remotely.
- WatchGuard has provided indicators of compromise and workarounds for those unable to patch immediately.
- CISA has mandated federal agencies to patch the vulnerability by December 26th, 2023.
Already a member? Log in here