{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-13079: WatchGuard Mobile VPN with SSL Windows Client Local Privilege Escalation","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-13079","status":"final","version":"1","initial_release_date":"2026-07-02T23:07:30.489Z","current_release_date":"2026-07-02T23:07:30.489Z","revision_history":[{"date":"2026-07-02T23:07:30.489Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\\SYSTEM on the machine where the client is installed.\n\nThis issue affects the Mobile VPN with SSL client for Windows up to and including 2026.2.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-13079 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-13079"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-13079"},{"category":"external","summary":"watchguard.com","url":"https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00027"}]},"product_tree":{"branches":[{"category":"vendor","name":"WatchGuard","branches":[{"category":"product_name","name":"Fireware OS","branches":[{"category":"product_version_range","name":">=12.0 <=12.12","product":{"name":"WatchGuard Fireware OS >=12.0 <=12.12","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:watchguard:fireware_os:*:*:*:*:*:*:*:*"}}},{"category":"product_version_range","name":">=2025.1 <=2026.2","product":{"name":"WatchGuard Fireware OS >=2025.1 <=2026.2","product_id":"CSAFPID-2","product_identification_helper":{"cpe":"cpe:2.3:a:watchguard:fireware_os:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-13079","title":"WatchGuard Mobile VPN with SSL Windows Client Local Privilege Escalation","notes":[{"category":"description","text":"A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\\SYSTEM on the machine where the client is installed.\n\nThis issue affects the Mobile VPN with SSL client for Windows up to and including 2026.2.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1","CSAFPID-2"]},"scores":[{"cvss_v4":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L","baseScore":7.3,"baseSeverity":"HIGH"},"products":["CSAFPID-1","CSAFPID-2"]}],"remediations":[{"category":"none_available","details":"No fixed version is published yet. Monitor the upstream advisory.","product_ids":["CSAFPID-1","CSAFPID-2"]}]}]}