PT-2025-49158 · Watchguard · Watchguard Fireware
Published
2025-12-04
·
Updated
2025-12-16
·
CVE-2025-11838
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
WatchGuard Fireware OS versions 12.0 through 12.11.4
WatchGuard Fireware OS versions 2025.1 through 2025.1.2
Description
A memory corruption issue exists in WatchGuard Fireware OS. An unauthenticated attacker can potentially cause a Denial of Service (DoS) condition. This can occur in Mobile User VPN with IKEv2 and Branch Office VPN using IKEv2 when a dynamic gateway peer is configured.
Recommendations
WatchGuard Fireware OS versions prior to 12.0 should be updated.
WatchGuard Fireware OS versions 12.0 through 12.11.4 should be updated.
WatchGuard Fireware OS versions prior to 2025.1.2 should be updated.
WatchGuard Fireware OS versions 2025.1 through 2025.1.2 should be updated.
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Watchguard Fireware