[CVE-2025-11845, CVE-2025-11846, CVE-2025-11847] Vulnerability Fix

Options
Zyxel_CSO
Zyxel_CSO Posts: 500 image  Zyxel Employee
5 Answers First Comment Friend Collector Ninth Anniversary
edited February 9 in Vulnerability

CVE ID

  • CVE-2025-11845
  • CVE-2025-11846
  • CVE-2025-11847

Affected model & Version

Model

Version

Vulnerability Fix Version

Nebula FWA505

1.19(ACKO.0)C0 and earlier

1.60(ACKO.2)V0

Nebula FWA510

1.20(ACGD.1)C0 and earlier

1.60(ACGD.0)C0

Nebula FWA515

1.50(ACPZ.0)C0 and earlier

1.60(ACPZ.0)V0

Nebula FWA710

1.20(ACGC.0)C0 and earlier

1.60(ACGC.1)V0

Important Notes & Warnings

  • Mobile routers operate over cellular networks, which are typically deployed behind
    Internet Service Provider Carrier-Grade NAT (CGNAT).
    As a result, the practical exploitation risk of this vulnerability is considered low
    in typical deployment scenarios.
    The V0 vulnerability fix firmware for the FWA505, FWA515, and FWA710 models is provided exclusively for users with urgent security concerns and will be incorporated into the official Nebula patch firmware release, currently planned for the early July 2026.

    ⚠️ Important: Upgrading to the security fix firmware will disable Nebula cloud management
    functionality

Before upgrading, please ensure a complete configuration backup is performed:
Maintenance > Backup/Restore

Requesting the Fix Firmware

Please carefully review the Important Notes &Warnings section above and ensure you fully understand the impact, including the loss of Nebula cloud management after upgrading.

If you accept these limitations and still require the vulnerability fix firmware, please create a post to request the vulnerability fix firmware at:

🔗 https://community.zyxel.com/en/categories/wireless

We will assist accordingly.

Zyxel Nebula Support