Nearly 76,000 WatchGuard Firebox network security appliances are exposed on the public web and still vulnerable to a critical issue (CVE-2025–9242) that could allow a remote attacker to execute code without authentication.

Firebox devices act as a central defense hub that controls traffic between internal and external networks, providing protection through policy management, security services, VPN, and real-time real-time visibility through WatchGuard Cloud.

Scans from The Shadowserver Foundation currently show that there are 75,835 vulnerable Firebox appliances across the world, most of them in Europe and North America.