CVE-2025-2781
Description
The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system. This issue affects Mobile VPN with SSL Client: from 11.0 through 12.11.
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2025-2781? +
How do I check if I'm vulnerable to CVE-2025-2781? +
Related Vulnerabilities
Incorrect default permissions for some Intel(R) NPU Driver software installers before version 32.0.100.4511 within Ring 3: User Applications may allow …
Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting …
Netskope is notified about a potential gap in its Netskoped Client for Windows systems where a malicious insider with admin …
The WatchGuard Terminal Services Agent on Windows does not properly configure directory permissions when installed in a non-default directory. This …
MacOS version of Poedit bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the …
On macOS systems, by utilizing a Launch Agent and loading the viscosity_openvpn process from the application bundle, it is possible …