WatchGuard Mobile VPN with SSL Local Privilege Escalation
Advisory ID
WGSA-2025-00016
CVE
CVE-2025-1549
Impact
Medium
Status
Resolved
Product Family
Other Software
Published Date
Updated Date
Workaround Available
False
CVSS Score
6.3
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
Summary
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileges on the Windows system. This vulnerability is an additional unmitigated attack path for CVE-2024-4944.
Affected
WatchGuard Mobile VPN with SSL for Windows up to and including version 12.10.2
Resolution
WatchGuard Mobile VPN with SSL for Windows version 12.11.3
Credits
Defence Tech Malware Lab
Advisory Product List
| Product Family | Product Branch | Product List |
|---|---|---|
Other Software
|
SSL VPN | SSL VPN |