CVE-2025-2781

Vulnerability Description

The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system. This issue affects Mobile VPN with SSL Client: from 11.0 through 12.11.

Related Weaknesses (CWE)

CWE-276

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00004

FAQ

What is CVE-2025-2781?

CVE-2025-2781 is a documented vulnerability. The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to es...

How severe is CVE-2025-2781?

CVSS scoring is not yet available for CVE-2025-2781. Check NVD for updates.

Is there a patch for CVE-2025-2781?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.