IKEv2 — Cyber Threats, Attacks & Incidents

Threat entity extracted from intelligence sources

Frequency
3
occurrences
First Seen
December 19, 2025
Last Seen
December 19, 2025

IKEv2 is a technology platform tracked across 1 threat cluster and 3 intelligence report mentions on ThreatCluster. First observed December 19, 2025; most recent activity December 19, 2025.

Overview

IKEv2 is a widely used VPN protocol (IPsec) that secures VPN tunnels for remote access and site-to-site connectivity, often implemented in enterprise devices and appliances such as WatchGuard Firebox. The recent Firebox firmware 9.3 vulnerability being actively exploited highlights how weaknesses in VPN gateway appliances can enable malware delivery and unauthorized access, underscoring the importance of rapid patching and monitoring of VPN infrastructure.

Related Threat Clusters

Recent Intelligence Reports

  • WatchGuard: Patch exploited 9.3 flaw in Firebox firmware — Scmagazine · December 19, 2025
  • WatchGuard sounds alarm as critical Firebox flaw comes under active attack — Theregister · December 19, 2025
  • Patch now! Attackers push malware onto WatchGuard Firebox — Heise.De · December 19, 2025

CVSS v3.1 Breakdown