A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.
This vulnerability affects Fireware OS 12.0 up to and including 12.11.4 and 2025.1 up to and including 2025.1.2.
References
| Link | Resource |
|---|---|
| https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00018 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
History
10 Dec 2025, 15:40
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00018 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
| CPE | cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t115-w:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_nv5:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t125:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t25:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t85:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t145:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t185:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t145-w:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m5600:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t45:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m4600:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t125-w:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:* cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:* |
|
| First Time |
Watchguard firebox Nv5
Watchguard firebox M690 Watchguard firebox T145 Watchguard fireboxv Watchguard firebox T40 Watchguard firebox T25 Watchguard firebox T125 Watchguard firebox M470 Watchguard firebox M570 Watchguard firebox T145-w Watchguard firebox T185 Watchguard firebox M440 Watchguard firebox T70 Watchguard firebox M5800 Watchguard firebox M590 Watchguard firebox M4800 Watchguard firebox M5600 Watchguard fireware Watchguard firebox T85 Watchguard firebox T20 Watchguard firebox M270 Watchguard firebox T80 Watchguard firebox T55 Watchguard firebox M670 Watchguard firebox M390 Watchguard firebox T45 Watchguard fireboxcloud Watchguard firebox T115-w Watchguard firebox T125-w Watchguard Watchguard firebox M4600 Watchguard firebox M370 Watchguard firebox M290 |
04 Dec 2025, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-12-04 22:15
Updated : 2025-12-10 15:40
NVD link : CVE-2025-11838
Mitre link : CVE-2025-11838
CVE.ORG link : CVE-2025-11838
JSON object : View
Products Affected
watchguard
- fireboxv
- firebox_t85
- firebox_m570
- firebox_m690
- firebox_t70
- firebox_m4800
- firebox_t40
- firebox_m470
- firebox_m4600
- firebox_t125-w
- firebox_m5600
- firebox_t55
- firebox_t20
- firebox_t185
- fireboxcloud
- firebox_m5800
- fireware
- firebox_t80
- firebox_m270
- firebox_t125
- firebox_t25
- firebox_m670
- firebox_t145
- firebox_m440
- firebox_m390
- firebox_m370
- firebox_t45
- firebox_t115-w
- firebox_nv5
- firebox_m590
- firebox_m290
- firebox_t145-w
CWE
CWE-763
Release of Invalid Pointer or Reference