
Overview

WatchGuard has recently released an update to Fireware OS to fix a critical vulnerability that may allow an unauthenticated attacker to execute arbitrary code. It affects Firebox appliances configured with IKEv2 VPN (mobile user VPN or branch office VPN with dynamic gateway peers). Even previously deleted configurations may leave systems vulnerable if static gateway peers remain active.

  • CVE-2025-9242: Critical Out-of-Bounds Write in Fireware OS (CVSSv4 9.3). Affects Fireware OS 11.10.2–11.12.4_Update1, 12.0–12.11.3, and 2025.1.

 

Docker Compose users are being strongly advised to update to the latest version of the tool after researchers uncovered a flaw allowing attackers to stage path traversal attacks. Docker is widely used by organisations to run containerised applications and is often considered a vital component of business operations. Any Docker platform or workflow that resolves remote OCI artifacts is at risk, including Docker Desktop, standalone Compose binaries on Linux, CI/CD runners and cloud dev environments.

  • CVE-2025-62725: Path Traversal and Arbitrary File Write via OCI Artifact (CVSSv4 8.9). Docker Compose versions below v2.40.2 are at risk of this vulnerability.
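One way to check hosts and CI runners against the fixed version above, as an added example that is not part of the original advisory or Docker's own tooling. It assumes the Compose plugin (`docker compose`) or a standalone `docker-compose` binary is on PATH; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: flag Docker Compose installs older than v2.40.2,
# the fixed release named in the advisory for CVE-2025-62725.
FIXED="2.40.2"

# Strip a leading "v" and any "-suffix" or "+build" part (e.g. "-desktop.1").
normalise() {
    printf '%s\n' "$1" | sed -e 's/^[vV]//' -e 's/[-+].*$//'
}

# version_lt A B: succeed when A < B. Fields are compared as numbers,
# so 2.9.0 sorts below 2.40.2 (a plain string compare gets this wrong).
version_lt() {
    awk -v a="$(normalise "$1")" -v b="$(normalise "$2")" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi < yi) exit 0
            if (xi > yi) exit 1
        }
        exit 1
    }'
}

# Print "vulnerable", "patched" or "unknown" for one version string.
compose_status() {
    v=$(normalise "$1")
    case "$v" in
        ''|*[!0-9.]*) echo "unknown"; return 0 ;;
    esac
    if version_lt "$v" "$FIXED"; then echo "vulnerable"; else echo "patched"; fi
}

# Check both the plugin form and the standalone binary; skip whichever is absent.
audit_host() {
    for cmd in "docker compose" "docker-compose"; do
        ver=$($cmd version --short 2>/dev/null) || continue
        printf '%-16s %-20s %s\n' "$cmd" "$ver" "$(compose_status "$ver")"
    done
}

audit_host
```

An "unknown" result means the version string could not be parsed and the binary should be checked by hand.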

 

Ubiquiti has released a patch for their UniFi Access systems in response to a critical vulnerability exposing a management API without authentication, allowing attackers with network access to bypass access controls and potentially gain full control over door access systems.

  • CVE-2025-52665: Unauthenticated API Exposure in Door Access Application (CVSSv3.1 10.0). This flaw affects the UniFi Access Application v3.3.22–3.4.31.

 

Recommended Action

Organisations are strongly advised to review the appropriate security advisory pages and apply the patches:

WatchGuard - Security Advisory

Docker - Security Advisory

Ubiquiti - Security Advisory

 

It is also highly recommended to audit configurations for any residual risk (e.g. VPN settings in Firebox), monitor for indicators of compromise and restrict access to management interfaces.
