CVE-2025-12694

Summary

A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior.

Affected Software

VendorProductVersion RangeStatus
ForcepointVPN Client0 <= 6.11.3affected

Weaknesses

  • CWE-250: CWE-250 Execution with unnecessary privileges

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References