🔴 CVE-2025-9242

Critical out-of-bounds write vulnerability in WatchGuard Fireware OS affecting the IKEv2 VPN service, allowing unauthenticated remote code execution. CISA KEV lists it as actively exploited in the wild, and the affected security appliances are internet-facing by design.

Risk Level: HIGH_RISK

MITRE Technique: T1190

CVSS Score: 9.3

Attack Vector: NETWORK

Deployment Risk: VERY_HIGH

📋 Vulnerability Details

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: DIRECT_NETWORK

CVE Published: 2025-09-17

Added to CISA KEV: 2025-11-12 (56 days between CVE and KEV)

🎯 Recommendations:

🔍 Web Intelligence

Key Sources:

  • Over 75,000 WatchGuard security devices vulnerable to critical RCE

    WatchGuard disclosed CVE-2025-9242 in a security bulletin on September 17 and rated the vulnerability with a critical-severity score of 9.3. The security problem is an out-of-bounds write in the Fireware OS ‘iked’ process, which handles IKEv2 VPN negotiations. The flaw can be exploited without authentication by sending specially crafted IKEv2 packets to vulnerable Firebox endpoints, forcing it to write data to unintended memory areas.

  • Alert CISA Adds Three Known Exploited Vulnerabilities to Catalog...

    CVE-2025-9242. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise.

  • CISA Adds Three Known Exploited Vulnerabilities to Catalog

    CISA Adds Three Known Exploited Vulnerabilities to Catalog · CVE-2025-9242 WatchGuard Firebox Out-of-Bounds Write Vulnerability · CVE-2025-12480 ...

  • Cleopatra’s Shadow: A Mass Exploitation Campaign... - Arctic Wolf

    September 17, 2025. CVE-2025-9242: Critical Unauthenticated Out-of-Bounds Write Vulnerability in WatchGuard Firebox. Additionally, devices should be continuously audited for potential weaknesses in internet-accessible services, and vulnerable services should be kept off the public internet where possible to minimize the potential exposure in mass exploitation campaigns such as this one. This can be accomplished by IP access control lists, or by keeping applications behind a VPN to reduce the potential attack surface.

  • Known Exploited Vulnerabilities Catalog

    CVE-2025-9242. WatchGuard Firebox Out-of-Bounds Write Vulnerability ... Successful exploitation of this vulnerability could enable the attacker to gain SYSTEM- ...