CVE-2025-9242

ENISA EUVD: EUVD-2025-29699
Exploited in the Wild ✓ Confirmed 0-Day
Triaged: March 5, 2026 · 3 articles · Published: 2025-09-17

EPSS Score

Source: FIRST.org · 2026-05-23
This CVE has a 73.48% probability of being exploited in the next 30 days.
Top 98.8th percentile of all CVEs

CVSS v4.0

Source: VulnerabilityLookup (CIRCL)
9.3 CRITICAL
Attack Vector: Network
Attack Complexity: Low
Attack Requirements: None
Privileges Required: None
User Interaction: None
Vulnerable System Confidentiality Impact: High
Vulnerable System Integrity Impact: High
Vulnerable System Availability Impact: High
Subsequent System Confidentiality Impact: None
Subsequent System Integrity Impact: None
Subsequent System Availability Impact: None
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVSS v3.1

Source: NVD
9.8 CRITICAL
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

VulnerabilityLookup (CNA)
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1.

Affected Products

WatchGuard
Fireware OS
12.0 11.10.2 2025.0

Attack Intelligence

Exploits & PoC

Signal Intelligence

Confidence: 85%
EPSS: 73.48%
CVSS v4.0: 9.3
CVSS v3.1: 9.8
Mentions: 3
Last Seen: Dec 19, 2025

CNA Information

CNA Assigner: WatchGuard
CNA Title: WatchGuard Firebox iked Out of Bounds Write Vulnerability

Analyst Note

CVE-2025-9242 is a 2025 critical vulnerability in WatchGuard Fireware OS with documented active exploitation in real-world attacks. CISA added it to the KEV catalog based on evidence of active exploitation, and articles explicitly reference active real-world exploitation occurring alongside vendor patch release, meeting zero-day criteria.

Threat Actors 10

Hacking Team: apt_group 🇮🇹 IT
Watchdog: apt_group 🇨🇳 CN
HAZY TIGER: apt_group, Information theft and espionage 🇮🇳 IN
Infy: apt_group, Information theft and espionage 🇮🇷 IR
ArcaneDoor: apt_group 🇨🇳 CN
Returned Libra: apt_group 🇨🇳 CN
The White Company: apt_group, Information theft and espionage 🇨🇳 CN
Operation Red Signature: apt_group, Information theft and espionage 🇨🇳 CN
Shadow Network: apt_group, Information theft and espionage 🇨🇳 CN
Mana Team: apt_group 🇨🇳 CN

Triage Info

Decided at: Mar 05, 2026
Published Date: Sep 17, 2025