CVE-2025-2781

Published: Mar 28, 2025

Modified: Mar 31, 2025

PUBLISHED

Description

The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system. This issue affects Mobile VPN with SSL Client: from 11.0 through 12.11.

Vendor	Product	Versions
WatchGuard	Mobile VPN with SSL Client	affected `11.0 - <= 12.11`

Weaknesses (CWE)

CWE-276

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00004

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-2781

Description

Affected Products

Weaknesses (CWE)

References