WatchGuard sounds alarm as critical Firebox flaw comes under active attack

WatchGuard has confirmed active exploitation of a critical unauthenticated RCE (CVE-2025-32978, 9.3) in Firebox firewalls' IKE service; the vendor has published advisories, IOCs, and firmware updates with a temporary workaround for unpatched systems. Successful exploitation grants remote code execution and full control of internet-reachable firewalls, posing high risk to network traffic, credentials, VPNs, and downstream systems.