WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard just dropped a major warning: a critical vulnerability in their Fireware OS VPN is being actively exploited in the wild. This isn't theoretical—attackers are hitting it right now.

The flaw, tracked as CVE-2025-14733, carries a CVSS score of 9.3—that's critical territory. It affects the VPN component of Fireware OS, potentially allowing remote code execution. Translation: attackers could take control of affected systems without authentication.

WatchGuard has released patches for affected versions. If you're running Fireware OS with VPN enabled, you need to update immediately. The company confirmed active exploitation, meaning threat actors are already weaponizing this vulnerability.

This isn't just another vulnerability—it's a live threat. The combination of critical severity, remote code execution potential, and active exploitation makes this a top priority for any organization using WatchGuard Fireware OS VPN solutions.

Security teams should check their WatchGuard deployments, apply the latest patches, and monitor for any suspicious activity. Given the active exploitation, assume compromised systems until proven otherwise.