CVE-2026-13079

Summary

A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the client is installed.

This issue affects the Mobile VPN with SSL client for Windows up to and including 2026.2.

Affected Software

VendorProductVersion RangeStatus
WatchGuardFireware OS12.0 <= 12.12affected
WatchGuardFireware OS2025.1 <= 2026.2affected

Weaknesses

  • CWE-732: CWE-732 Incorrect Permission Assignment for Critical Resource

References