What is the CVSS score of CVE-2025-11838?

CVE-2025-11838 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.1%.

Which versions of Fireware are affected by CVE-2025-11838?

WatchGuard firewall devices running vulnerable Fireware OS versions are exposed to unauthenticated denial-of-service attacks targeting VPN functionality, potentially disrupting remote worker…

How to fix or mitigate CVE-2025-11838?

Within 24 hours: Inventory all WatchGuard Fireware OS instances and identify those running versions 12.6.1-12.11.4 or 2025.1-2025.1.2 with IKEv2 VPN enabled; disable IKEv2 VPN if operationally feasible or restrict VPN gateway access via network ACLs. Within 7 days: Establish continuous monitoring for DoS patterns on affected devices; prepare rollback procedures and alternative VPN connectivity options. Within 30 days: Monitor WatchGuard security advisories for patch availability and test in non-production environments immediately upon release; deploy patches to production systems on a prioritized schedule based on VPN criticality.

Fireware CVE-2025-11838

EUVD-2025-201298 HIGH

Release of Invalid Pointer or Reference (CWE-763)

2025-12-04 5d1c2695-1a31-4499-88ae-e847036fd7e3

Buffer Overflow Denial Of Service Microsoft Fireware

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 16:35 euvd

EUVD-2025-201298

Analysis Generated

Mar 15, 2026 - 16:35 vuln.today

CVE Published

Dec 04, 2025 - 22:15 nvd

HIGH 7.5

DescriptionNVD

A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.

This vulnerability affects Fireware OS 12.6.1 up to and including 12.11.4 and 2025.1 up to and including 2025.1.2.

Analysis

This vulnerability affects Fireware OS 12.6.1 up to and including 12.11.4 and 2025.1 up to and including 2025.1.2.

Technical ContextAI

A denial of service vulnerability allows an attacker to disrupt the normal functioning of a system, making it unavailable to legitimate users.

RemediationAI

Implement rate limiting and input validation. Use timeout mechanisms for resource-intensive operations. Deploy DDoS protection where applicable.

More from same product – last 7 days

CVE-2026-10044 HIGH This Week POC

8.2 May 28

{filename} endpoint. The flawed traversal guard only rejects forward slashes and '..' sequences, so absolute Windows pat

CVE-2026-40412 CRITICAL Monitor

10.0 May 22

Remote code execution in Microsoft Azure Orbital Spatio allows unauthenticated network attackers to upload dangerous fil

CVE-2026-41104 CRITICAL Monitor

10.0 May 22

Unsafe deserialization in Microsoft Planetary Computer Pro (Geocatalog) lets a remote unauthenticated attacker craft mal

CVE-2026-23652 CRITICAL Monitor

10.0 May 22

Remote code execution in Microsoft Power Pages allows unauthenticated network attackers to inject and execute operating-

CVE-2026-47280 CRITICAL Monitor

10.0 May 22

Privilege elevation in Microsoft Azure Resource Manager (ARM) allows remote unauthenticated attackers to bypass authenti

CVE-2025-11838 vulnerability details – vuln.today

Back

Fireware CVE-2025-11838

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

Analysis

Technical ContextAI

RemediationAI

More from same product – last 7 days

Share

External POC / Exploit Code