PT-2025-38127 · Watchguard · Watchguard Fireware

Published 2025-09-17 · Updated 2025-09-18 · CVE-2025-9242

CVSS v4.0: 9.3
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

**Name of the Vulnerable Software and Affected Versions:**

WatchGuard Fireware OS versions 11.10.2 through 11.12.4 Update1

WatchGuard Fireware OS versions 12.0 through 12.11.3

WatchGuard Fireware OS version 2025.1

**Description:**

An out-of-bounds write vulnerability in the `iked` process of WatchGuard Fireware OS potentially allows a remote, unauthenticated attacker to execute arbitrary code. The vulnerability affects the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. It is estimated that over 1.2 million systems are vulnerable worldwide.

**Recommendations:**

WatchGuard Fireware OS versions 11.10.2 through 11.12.4 Update1: Apply the latest updates provided by WatchGuard.

WatchGuard Fireware OS versions 12.0 through 12.11.3: Apply the latest updates provided by WatchGuard.

WatchGuard Fireware OS version 2025.1: Apply the latest updates provided by WatchGuard.
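To decide which firewalls in an inventory fall inside the affected ranges above, the following script compares Fireware version strings against the three ranges exactly as this advisory lists them. It is an added example, not WatchGuard tooling, and it assumes Fireware version strings look like `12.11.3`, `11.12.4 Update1` or `2025.1`; the `Update N` suffix is treated as a less-significant trailing component, so a plain release sorts below its Update builds. The hostnames and versions in the sample inventory are constructed.

```python
"""Check WatchGuard Fireware OS version strings against the affected ranges
listed for CVE-2025-9242 (added example, not WatchGuard tooling).

Assumed version formats: "12.11.3", "11.12.4 Update1", "12.5.9 Update 2",
"2025.1". The Update number is a less-significant trailing component.
"""
import re

# Inclusive (first, last) affected versions, copied from the advisory.
AFFECTED_RANGES = [
    ("11.10.2", "11.12.4 Update1"),
    ("12.0", "12.11.3"),
    ("2025.1", "2025.1"),
]

_VERSION_RE = re.compile(
    r"^\s*v?(\d+(?:\.\d+)*)\s*(?:update\s*(\d+))?\s*$", re.IGNORECASE
)


def parse_version(text):
    """Turn a Fireware version string into a sortable tuple.

    Numeric components are right-padded with zeros to four places so that
    "12.0" compares equal to "12.0.0"; the Update number (0 when absent)
    becomes the fifth element, so "11.12.4" < "11.12.4 Update1".
    """
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised Fireware version: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    if len(parts) > 4:
        raise ValueError(f"too many version components: {text!r}")
    parts += [0] * (4 - len(parts))
    update = int(m.group(2)) if m.group(2) else 0
    return tuple(parts) + (update,)


def is_affected(version_text, ranges=AFFECTED_RANGES):
    """True if the version lies inside any listed affected range (inclusive)."""
    v = parse_version(version_text)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in ranges)


def triage(inventory):
    """Given {device_name: version}, return the sorted names that are affected."""
    return sorted(name for name, ver in inventory.items() if is_affected(ver))


# Constructed sample inventory; hostnames and versions are made up.
SAMPLE_INVENTORY = {
    "fw-branch-01": "12.11.3",          # last version of the 12.x range
    "fw-branch-02": "12.11.4",          # one past the 12.x range
    "fw-legacy-01": "11.12.4 Update1",  # last version of the 11.x range
    "fw-legacy-02": "11.10.1",          # just below the 11.x range
    "fw-hq-01": "2025.1",
    "fw-hq-02": "2025.1.1",             # later build, not in the listed range
}

if __name__ == "__main__":
    for name, ver in SAMPLE_INVENTORY.items():
        state = "AFFECTED" if is_affected(ver) else "not listed"
        print(f"{name:14} {ver:18} {state}")
```

A version that falls outside these ranges is only "not listed", not proof that the device is patched; confirm fixed builds against WatchGuard's own advisory, and check every Fireware branch (11.x, 12.x and 2025.x) since each has its own range.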

Tags: Fix · RCE · Memory Corruption

Related Identifiers: CVE-2025-9242

Affected Products: Watchguard Fireware