ZDI-26-427
MEDIUM 5.9
Published
Jul 15, 2026
WatchGuard FireWare OS iked ike2_hmac Null Pointer Dereference Denial-of-Service Vulnerability
WatchGuard
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of WatchGuard FireWare OS. Authentication is not required to exploit this vulnerability, but only systems using VPN with IKEv2 are vulnerable. The ZDI has assigned a CVSS rating of 5.9.