{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2781", "assignerOrgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "state": "PUBLISHED", "assignerShortName": "WatchGuard", "dateReserved": "2025-03-25T00:12:21.740Z", "datePublished": "2025-03-28T22:23:50.752Z", "dateUpdated": "2025-03-31T14:23:48.669Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "Mobile VPN with SSL Client", "vendor": "WatchGuard", "versions": [{"lessThanOrEqual": "12.11", "status": "affected", "version": "11.0", "versionType": "semver"}]}], "datePublic": "2025-03-27T17:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><div>The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system.</div></div><p>This issue affects Mobile VPN with SSL Client: from 11.0 through 12.11.</p>"}], "value": "The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system.\n\n\n\nThis issue affects Mobile VPN with SSL Client: from 11.0 through 12.11."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.3, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "shortName": "WatchGuard", "dateUpdated": "2025-03-28T22:23:50.752Z"}, "references": [{"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00004"}], "source": {"advisory": "WGSA-2025-00004", "defect": ["FBX-27510"], "discovery": "UNKNOWN"}, "title": "WatchGuard Mobile VPN with SSL Local Privilege Escalation via Non-Standard Installation Directory", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-31T14:23:31.758287Z", "id": "CVE-2025-2781", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-31T14:23:48.669Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2781", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-03-31T14:23:31.758287Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-31T14:23:40.960Z"}}], "cna": {"title": "WatchGuard Mobile VPN with SSL Local Privilege Escalation via Non-Standard Installation Directory", "source": {"defect": ["FBX-27510"], "advisory": "WGSA-2025-00004", "discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.3, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "WatchGuard", "product": "Mobile VPN with SSL Client", "versions": [{"status": "affected", "version": "11.0", "versionType": "semver", "lessThanOrEqual": "12.11"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "datePublic": "2025-03-27T17:00:00.000Z", "references": [{"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00004"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system.\n\n\n\nThis issue affects Mobile VPN with SSL Client: from 11.0 through 12.11.", "supportingMedia": [{"type": "text/html", "value": "<div><div>The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system.</div></div><p>This issue affects Mobile VPN with SSL Client: from 11.0 through 12.11.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions"}]}], "providerMetadata": {"orgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "shortName": "WatchGuard", "dateUpdated": "2025-03-28T22:23:50.752Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2781", "state": "PUBLISHED", "dateUpdated": "2025-03-31T14:23:48.669Z", "dateReserved": "2025-03-25T00:12:21.740Z", "assignerOrgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "datePublished": "2025-03-28T22:23:50.752Z", "assignerShortName": "WatchGuard"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system.\n\n\n\nThis issue affects Mobile VPN with SSL Client: from 11.0 through 12.11."}, {"lang": "es", "value": "WatchGuard Mobile VPN with SSL Client en Windows no configura correctamente los permisos de directorio al instalarse en un directorio distinto al predeterminado. Esto podr\u00eda permitir que un atacante local autenticado obtenga privilegios de SYSTEM en un sistema vulnerable. Este problema afecta a Mobile VPN con SSL desde la versi\u00f3n 11.0 hasta la 12.11."}], "id": "CVE-2025-2781", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "type": "Secondary"}]}, "published": "2025-03-28T23:15:18.157", "references": [{"source": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00004"}], "sourceIdentifier": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "type": "Secondary"}]}

{}

{}