漏洞概述 漏洞名称: WatchGuard Mobile VPN with SSL Windows Client Local Privilege Escalation 漏洞ID: WGSA-2026-00027 CVE编号: CVE-2026-13079 影响等级: High 状态: Resolved 产品家族: Firebox 发布日期: 2026-07-02 更新日期: 2026-07-02 CVSS评分: 7.3 CVSS向量: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L 摘要: 本地特权升级漏洞,允许本地攻击者将权限提升至NT AUTHORITY\SYSTEM。 影响范围 受影响产品: Mobile VPN with SSL client for Windows up to and including 2026.2 具体产品列表: - Firebox Fireware OS 12.5.x: T15, T35 - Firebox Fireware OS 2025.1.x: T115-W, T125-W, T145, T145-W, T185, M295, M395, M495, M595, M695 - Firebox Fireware OS 12.x: T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV 修复方案 解决方案: 升级到Mobile VPN with SSL client for Windows version 2026.2.1 其他信息 Credits: Paul Arzeler, Truesec Workaround Available: False 代码块 页面中未包含POC代码或利用代码。