Firewall
CISA warns of WatchGuard firewall flaw exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has warned government agencies to patch an actively exploited vulnerability impacting WatchGuard Firebox firewalls. Remote attackers can use this critical security flaw (CVE-2025-9242) to execute malicious code remotely on vulnerable devices by exploiting an out-of-bounds write weakness in firewalls running Fireware OS 11.x (end of life), 12.x, and 2025.1. […]
Cisco: Actively exploited firewall flaws now abused for DoS attacks
Cisco warned this week that two vulnerabilities, which have been used in zero-day attacks, are now being exploited to force ASA and FTD firewalls into reboot loops. The tech giant released security updates on September 25 to address the two security flaws, stating that CVE-2025-20362 enables remote threat actors to access restricted URL endpoints without authentication, while CVE-2025-20333 allows authenticated attackers […]
SonicWall says state-sponsored hackers behind September security breach
SonicWall’s investigation into the September security breach that exposed customers’ firewall configuration backup files concludes that state-sponsored hackers were behind the attack. The network security company says that incident responders from Mandiant confirmed that the malicious activity had no impact on SonicWall’s products, firmware, systems, tools, source code, or customer networks. “The Mandiant investigation is now […]
SonicWall: Firewall configs stolen for all cloud backup customers
SonicWall has confirmed that all customers that used the company’s cloud backup service are affected by the security breach last month. Previously, the vendor stated that the incident “exposed firewall configuration backup files stored in certain MySonicWall accounts,” without sharing additional details. MySonicWall is an online customer portal used for managing product access, licensing, registration, […]
CISA orders agencies to patch Cisco flaws exploited in zero-day attacks
CISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws that have been exploited in zero-day attacks. Emergency Directive 25-03 was issued to Federal Civilian Executive Branch (FCEB) agencies on September 25 and requires them to patch CVE-2025-20333 and CVE-2025-20362 vulnerabilities in Adaptive Security Appliance (ASA) and Firewall Threat […]
Cisco warns of ASA firewall zero-days exploited in attacks
Cisco warned customers today to patch two zero-day vulnerabilities that are actively being exploited in attacks and impact the company’s firewall software. The first one (CVE-2025-20333) allows authenticated, remote attackers to execute arbitrary code on devices running vulnerable Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) software, while the second (CVE-2025-20362) enables remote attackers […]
WatchGuard warns of critical vulnerability in Firebox firewalls
WatchGuard has released security updates to address a remote code execution vulnerability impacting the company’s Firebox firewalls. Tracked as CVE-2025-9242, this critical security flaw is caused by an out-of-bounds write weakness that can allow attackers to execute malicious code remotely on vulnerable devices following successful exploitation. CVE-2025-9242 affects firewalls running Fireware OS 11.x (end of life), 12.x, […]
SonicWall urges admins to disable SSLVPN amid rising attacks
SonicWall has warned customers to disable SSLVPN services due to ransomware gangs potentially exploiting an unknown security vulnerability in SonicWall Gen 7 firewalls to breach networks over the past few weeks. The warning comes after Arctic Wolf Labs reported on Friday that it had observed multiple Akira ransomware attacks, likely using a SonicWall zero-day vulnerability, since July 15th. “The […]
SonicWall firewall devices hit in surge of Akira ransomware attacks
SonicWall firewall devices have been increasingly targeted since late July in a surge of Akira ransomware attacks, potentially exploiting a previously unknown security vulnerability, according to cybersecurity company Arctic Wolf. Akira emerged in March 2023 and quickly claimed many victims worldwide across various industries. Over the last two years, Akira has added over 300 organizations to its […]
Microsoft fixes bug behind incorrect Windows Firewall errors
Microsoft has resolved a known issue that triggers invalid Windows Firewall errors after rebooting Windows 11 24H2 systems with the June 2025 preview update installed. The bug has been fixed in the KB5062660 preview cumulative update for Windows 11 24H2, released on Tuesday, with the fix to be made generally available to all users who will install […]