CVE-2025-11838
HIGHDescription
A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability affects Fireware OS 12.6.1 up to and including 12.11.4 and 2025.1 up to and including 2025.1.2.
Is your site exposed to CVE-2025-11838?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| watchguard | fireware |
| watchguard | firebox_t115-w |
| watchguard | firebox_t125 |
| watchguard | firebox_t125-w |
| watchguard | firebox_t145 |
| watchguard | firebox_t145-w |
| watchguard | firebox_t185 |
| watchguard | fireware |
| watchguard | firebox_m270 |
| watchguard | firebox_m290 |
| watchguard | firebox_m370 |
| watchguard | firebox_m390 |
| watchguard | firebox_m440 |
| watchguard | firebox_m4600 |
| watchguard | firebox_m470 |
| watchguard | firebox_m4800 |
| watchguard | firebox_m5600 |
| watchguard | firebox_m570 |
| watchguard | firebox_m5800 |
| watchguard | firebox_m590 |
| watchguard | firebox_m670 |
| watchguard | firebox_m690 |
| watchguard | firebox_nv5 |
| watchguard | firebox_t20 |
| watchguard | firebox_t25 |
| watchguard | firebox_t40 |
| watchguard | firebox_t45 |
| watchguard | firebox_t55 |
| watchguard | firebox_t70 |
| watchguard | firebox_t80 |
| watchguard | firebox_t85 |
| watchguard | fireboxcloud |
| watchguard | fireboxv |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-11838? +
How severe is CVE-2025-11838? +
What products are affected by CVE-2025-11838? +
How do I check if I'm vulnerable to CVE-2025-11838? +
Related Vulnerabilities
A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault …
In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipc_buf_append() tipc_msg_validate() can potentially reallocate the …
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a segmentation violation via the component theta_star::ThetaStar::isUnsafeToPlan().
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a …
An arbitrary free vulnerability exists in the cv_close functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior …
Memory corruption while reading ACPI config through the user mode app.