Patch now! Around 7000 WatchGuard firewalls in Germany still vulnerable
Apparently, many admins worldwide have not yet installed an important security patch for WatchGuard Firebox.
(Image: Sashkin/Shutterstock.com)
Scans by security researchers show that over 70,000 WatchGuard firewalls worldwide are vulnerable and publicly accessible via the internet. A security update that closes a “critical” vulnerability is available. Currently, there are no reports of attacks, but admins should not delay patching for too long.
Execute malicious code
Security researchers from Shadowserver point this out in a post. With over 20,000 instances, the USA leads the list. Germany follows with around 7000 firewalls. The security vulnerability (CVE-2025-9242) has been known since September. Security updates have also been available since then.
Videos by heise
Remote attackers can exploit the vulnerability without authentication to initiate malicious code attacks. WatchGuard lists the affected Firebox models in a warning message. The developers assure that the vulnerability has been closed in the following Fireware OS versions:
- 12.3.1_Update3 (B722811)
- 12.5.13
- 12.11.4
- 2025.1.1
If installation is not currently possible, admins must secure their instances via a temporary workaround.
(des)
