WatchGuard published a new security vulnerability on December 18, 2025, which you absolutely must be aware of:
WatchGuard Firebox iked Out of Bounds Write Vulnerability (CVE-2025-14773)(WGSA-2025-00027) CVSS 9.3
Update June 2023: IPSec VPN Issues: No traffic through the tunnel caused by dropped ESP packets on the DSL modem
We have recently seen an accumulation of problems with IPSec VPN tunnels. The problem was recognized by Swisscom and fixed with a new firmware. Further information can be found in the release notes (on this page). The firmware version from which the problem was fixed is: 9.52.12 B16++ (June 2023).
WatchGuard Launches PSIRT Page
WatchGuard’s Product Security Incident Response Team (PSIRT) has launched their public PSIRT page to provide a consolidated resource where network administrators can find advisories and information about security vulnerabilities in WatchGuard products, as well as WatchGuard’s investigations into industry-wide security issues that may impact WatchGuard products or services. The published…
WatchGuard Firewalls: Cyclops Blink Botnet (English Version)
According to current information, a limited number (~1%) of WatchGuard firewalls have been infected by a state-sponsored botnet called Cyclops Blink. Although there is currently no evidence of data exfiltration, it is possible that data from the firewalls has been compromised.
WatchGuard Firewalls: Cyclops Blink Botnet Befall (Deutsche Version)
Gemäss aktuellen Informationen sind eine begrenzte Anzahl (~1%) von WatchGuard Firewalls von einem staatlich gesponserten Botnet namens “Cyclops Blink” befallen worden. Obwohl es derzeit keine Beweise für eine Datenexfiltration gibt, ist es möglich, dass Daten der Firewalls kompromittiert wurden.
WatchGuard announced new “Service Status Page”
Today WatchGuard launched a new page where you can see the status of WatchGuard Cloud Services. https://status.watchguard.com/ For each region, you’ll find the current status separated by products and the major features that WatchGuard provides. Every line has a simple status indicator to communicate its condition:
Windows update breaks SSO event log readers (FSSO, PAN UIA, WG ELM)
Microsoft has released KB5003646 on the 6th of June 2021. Part of this update is a security hardening measurement to align with recommendations as a conclusion out of CVE-2021-31958. As a known issue of this KB5003646, microsoft has noted in the release notes: “After installing this or later updates, apps…
Exchange Hafnium Vulnerability March 2021
Let’s mention the important things first: Please patch you vulnerable Exchange 2013, 2016 and 2019 immediately! The page msxfaq has published an infosite to this vulnerability including the instructions how to fix your Exchange. Even though we, as Boll Engineering AG, are not associated in any way with the affected…
WatchGuard announces Dark Web Scan Feature
WatchGuard announced in the last days a new feature called Dark Web Scan. The feature is hosted in the WatchGuard cloud. With this new tool, you can perform searches based on email addresses and domain names to see which accounts have been exposed on the dark web during known data…
WatchGuard Fireware Features pro Version
Sicherlich haben Sie sich schon gefragt, wann welches Feature in welchem Fireware Release eingeführt wurde. Da sich dies nur mühsam per Release Notes oder Dokumentation rausfinden lässt, hat WatchGuard für ihre Features einen KB Artikel mit einer Feature Liste pro Version erstellt: New Firebox features by Fireware versionhttps://watchguardsupport.secure.force.com/publicKB?type=Article&SFDCID=kA10H000000boxYSAQ&lang=en_US
