WatchGuard Firebox iked Memory Corruption Vulnerability

Details

Advisory ID: WGSA-2025-00018
CVE: CVE-2025-11838
Impact: High
Status: Resolved
Product Family: Firebox
Published Date: 2025-12-04
Updated Date: 2025-12-04
Workaround Available: False
CVSS Score: 8.7
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Summary

A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.

Affected Versions

Fireware OS 12.0 up to and including 12.11.4
Fireware OS 2025.1 up to and including 2025.1.2

Resolution

Vulnerable Version    Resolved Version
2025.1                2025.1.3
12.x                  12.11.5

Credits

McCaulay Hudson (@_McCaulay) of watchTowr

Advisory Product List

PRODUCT FAMILY: Firebox
PRODUCT BRANCH: Fireware OS 2025.1.x, Fireware OS 12.x
PRODUCT LIST: T115-W, T125, T125-W, T145, T145-W, T185, T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox MV5, FireboxV