CVE-2026-13079
Received Received - Intake

Privilege Escalation in WatchGuard Mobile VPN with SSL Client

Vulnerability report for CVE-2026-13079, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-03

Last updated on: 2026-07-03

Assigner: WatchGuard Technologies, Inc.

Description

A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the client is installed. This issue affects the Mobile VPN with SSL client for Windows up to and including 2026.2.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-03
Last Modified
2026-07-03
Generated
2026-07-03
AI Q&A
2026-07-03
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 5 associated CPEs
Vendor Product Version / Range
watchguard mobile_vpn_with_ssl_client to 2026.2 (inc)
watchguard firebox *
watchguard fireware_os 12.5.x
watchguard fireware_os 2025.1.x
watchguard fireware_os 12.x

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-732 The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a local privilege escalation issue in the WatchGuard Mobile VPN with SSL client for Windows. It allows a local attacker who already has some access to the machine to increase their privileges to the highest system level, NT AUTHORITY\SYSTEM, on the affected device.

The vulnerability affects versions of the client up to and including 2026.2 and has been fixed in version 2026.2.1.

Impact Analysis

If exploited, this vulnerability allows an attacker with local access to the affected Windows machine to gain full system privileges (NT AUTHORITY\SYSTEM). This means the attacker can perform any action on the system, including installing software, changing configurations, accessing sensitive data, and potentially compromising the entire system.

Because the attacker can escalate privileges, the impact is considered high, as indicated by the CVSS score of 7.3.

Mitigation Strategies

The vulnerability has been resolved in WatchGuard Mobile VPN with SSL client for Windows version 2026.2.1.

To mitigate this vulnerability, you should immediately update the affected client software to version 2026.2.1 or later.

No workaround is available, so applying the update is the only effective mitigation step.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-13079. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart