【資安漏洞預警】WatchGuard Firebox存在重大資安漏洞(CVE-2025-14733)
[Security Vulnerability Alert] WatchGuard Firebox has a critical cybersecurity vulnerability (CVE-2025-14733)

發布單位:圖資處數位服務組
日期範圍:2025/12/23 ~ 2026/6/23
 
發布單位:圖資處數位服務組
日期範圍:2025/12/23 ~ 2026/6/23
行政 行政公告
全體

轉發 台灣電腦網路危機處理暨協調中心 資安訊息警訊 TWCERTCC-200-202512-00000010

[內容說明]
WatchGuard Firebox 是一款次世代防火牆產品,提供多層次防護,包括防毒、IPS、APT 阻擋及垃圾郵件過濾。
WatchGuard發布重大資安漏洞(CVE-2025-14733,CVSS 4.x:9.3)公告,該漏洞為越界寫入漏洞,可能允許遠端未經驗證的攻擊者執行任意程式碼,目前WatchGuard已觀察到攻擊者正積極嘗試利用此漏洞,詳細說明請見WatchGuard官網。

[影響平台]
WatchGuard Fireware OS 2025.1至2025.1.3版本
WatchGuard Fireware OS 12.5至12.5.14版本
WatchGuard Fireware OS 12.0至12.11.5版本
WatchGuard Fireware OS 11.10.2.至11.12.4+541730版本

[建議措施]
請更新至以下版本:
WatchGuard Fireware OS 2025.1.4版本
WatchGuard Fireware OS 12.5.15版本
WatchGuard Fireware OS 12.11.6版本
WatchGuard Fireware OS 12.3.1_Update4 (B728352)版本
備註:WatchGuard Fireware OS 11.x版本已是EoL(End of Life)的產品,建議升級至支援版本

[參考資料]
1. https://www.twcert.org.tw/tw/cp-169-10589-329d6-1.html

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202512-00000010

[Content Description]
WatchGuard Firebox is a next-generation firewall product offering multi-layered protection, including antivirus, IPS, APT blocking, and spam filtering.

WatchGuard has released a critical cybersecurity vulnerability announcement (CVE-2025-14733, CVSS 4.x: 9.3). This vulnerability is an out-of-bounds write vulnerability that could allow an unauthenticated attacker to execute arbitrary code remotely. WatchGuard has observed attackers actively attempting to exploit this vulnerability. For detailed information, please visit the WatchGuard website.

[Affected Platforms]
WatchGuard Fireware OS versions 2025.1 to 2025.1.3
WatchGuard Fireware OS versions 12.5 to 12.5.14
WatchGuard Fireware OS versions 12.0 to 12.11.5
WatchGuard Fireware OS versions 11.10.2 to 11.12.4+541730

[Recommended Actions]
Please update to the following versions:
WatchGuard Fireware OS version 2025.1.4
WatchGuard Fireware OS version 12.5.15
WatchGuard Fireware OS version 12.11.6
WatchGuard Fireware OS version 12.3.1_Update4 (B728352)
Note: WatchGuard Fireware OS versions 11.x are already EoL (End of Life) versions. For Life products, it is recommended to upgrade to the supported version.

[Reference]
1. https://www.twcert.org.tw/tw/cp-169-10589-329d6-1.html


相關附件
system_update_alt參考資料
【返回上頁】
Top↑