CVE-2025-1910
BaseFortify

Publication date: 2025-12-04

Last updated on: 2025-12-08

Assigner: WatchGuard Technologies, Inc.

Description
The WatchGuard Mobile VPN with SSL Client on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM on the Windows machine where the VPN Client is installed. This issue affects the Mobile VPN with SSL Client 12.0 up to and including 12.11.2.
Meta Information
Published: 2025-12-04
Last Modified: 2025-12-08
Generated: 2026-05-07
AI Q&A: 2025-12-10
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
watchguard mobile_vpn_with_ssl_client 12.11.2
watchguard mobile_vpn_with_ssl_client 11.0
watchguard mobile_vpn_with_ssl_client 12.0
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection involves verifying the installed version of the WatchGuard Mobile VPN with SSL Client on Windows. If the version is between 11.0 and 12.11.2 inclusive, the system is vulnerable. You can check the installed version using Windows commands such as 'wmic product where "name like '%WatchGuard Mobile VPN%'" get name, version' or by inspecting the application version in the Programs and Features panel. There are no specific network detection commands or signatures mentioned. [1]
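A version check along the lines of the answer above, as an added example (not WatchGuard or BaseFortify code) that reads the uninstall registry keys and compares the installed version against the range and fixed version given on this page. Assumptions: the client registers an uninstall entry whose DisplayName matches the name pattern used in the wmic query, and the lower bound is the 11.0 stated in this answer (the description states 12.0).

```powershell
# Added example. Name pattern and registry location are assumptions; the
# version numbers come from this page.
$NamePattern = '*WatchGuard Mobile VPN*'
$LowerBound  = [version]'11.0'      # lower bound from the Q&A; the description says 12.0
$FixedIn     = [version]'12.11.3'   # first fixed release per the mitigation answer

function Test-AffectedVersion {
    param([string]$VersionString)
    $v = $null
    # Version strings with fewer than two components do not parse: report as unknown.
    if (-not [version]::TryParse($VersionString, [ref]$v)) { return $null }
    # Comparing against the fixed release also catches four-part builds
    # such as 12.11.2.0, which sort above a three-part 12.11.2.
    return ($v -ge $LowerBound -and $v -lt $FixedIn)
}

# 64-bit and 32-bit (WOW6432Node) uninstall entries.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like $NamePattern } |
    ForEach-Object {
        $affected = Test-AffectedVersion $_.DisplayVersion
        if ($null -eq $affected) {
            $status = 'version unparsed, check manually'
        } elseif ($affected) {
            $status = "affected, upgrade to $FixedIn or later"
        } else {
            $status = 'outside affected range'
        }
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Name     = $_.DisplayName
            Version  = $_.DisplayVersion
            Status   = $status
        }
    }
```

No output means no matching uninstall entry was found on the machine, which is not the same as confirming the client is absent if it registers under a different display name.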


Can you explain this vulnerability to me?

This vulnerability in the WatchGuard Mobile VPN with SSL Client on Windows allows a locally authenticated non-administrative user to escalate their privileges to NT AUTHORITY/SYSTEM, which is the highest level of privilege on the Windows machine where the VPN Client is installed. It affects versions 12.0 up to and including 12.11.2.


How can this vulnerability impact me?

An attacker who has local access to the affected Windows machine can exploit this vulnerability to gain full system privileges (NT AUTHORITY/SYSTEM). This can allow them to perform any action on the system, including installing software, accessing sensitive data, or modifying system configurations, potentially leading to a complete compromise of the affected machine.


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade the WatchGuard Mobile VPN with SSL Client to version 12.11.3 or later, where the vulnerability is resolved. There is no workaround available, so patching is the recommended action. [1]

