CVSS: 8.5 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-6788 – Uncontrolled search path in PluginLauncher allows SYSTEM code execution in WatchGuard Agent
https://notcve.org/view.php?id=CVE-2026-6788
06 May 2026 — Uncontrolled Search Path Element vulnerability in WatchGuard Agent on Windows allows Using Malicious Files. This issue affects WatchGuard Agent before 1.25.03.0000. • https://www.watchguard.com/wgrd-psirt/advisory/WGSA-2026-00013 • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.5 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-6787 – Usage of a hard-coded cryptographic key in WatchGuard Agent allows inclusion of code into existing process
https://notcve.org/view.php?id=CVE-2026-6787
06 May 2026 — Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process. This issue affects WatchGuard Agent before 1.25.03.0000. • https://www.watchguard.com/wgrd-psirt/advisory/WGSA-2026-00013 • CWE-321: Use of Hard-coded Cryptographic Key •
CVSS: 7.1 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-41286 – Stack-based Buffer Overflow in WatchGuard Agent Discovery Service on Windows Causes Denial of Service - Variant B
https://notcve.org/view.php?id=CVE-2026-41286
06 May 2026 — Stack-based Buffer Overflow vulnerability in the WatchGuard Agent discovery service on Windows allows Overflow Buffers. An unauthenticated attacker on the same local network could exploit this vulnerability to crash the agent service. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00011 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-41288 – WatchGuard Agent on Windows Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2026-41288
06 May 2026 — Incorrect permission assignment for a resource in the patch management component of the WatchGuard Agent on Windows allows an authenticated local user to elevate their privileges to NT AUTHORITY\SYSTEM. • https://www.watchguard.com/wgrd-psirt/advisory/WGSA-2026-00011 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.1 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-41287 – Stack-based Buffer Overflow in WatchGuard Agent Discovery Service on Windows Causes Denial of Service - Variant A
https://notcve.org/view.php?id=CVE-2026-41287
06 May 2026 — Stack-based Buffer Overflow vulnerability in the WatchGuard Agent discovery service on Windows allows Overflow Buffers. An unauthenticated attacker on the same local network could exploit this vulnerability to crash the agent service. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00010 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2025-36632 – Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2025-36632
16 Jun 2025 — In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could execute code with SYSTEM privilege. • https://www.tenable.com/security/tns-2025-11 • CWE-276: Incorrect Default Permissions •
CVSS: 8.4 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2025-36631 – Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2025-36631
13 Jun 2025 — In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege. • https://www.tenable.com/security/tns-2025-11 • CWE-269: Improper Privilege Management •
CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2025-36633 – Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2025-36633
13 Jun 2025 — In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could arbitrarily delete local system files with SYSTEM privilege, potentially leading to local privilege escalation. • https://www.tenable.com/security/tns-2025-11 • CWE-269: Improper Privilege Management •
CVSS: 8.2 • EPSS: 0% • CPEs: 2 • EXPL: 0 • CVE-2024-0213
https://notcve.org/view.php?id=CVE-2024-0213
09 Jan 2024 — A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions, or cause a Denial of Service (DoS), through exploiting a memory corruption issue in the TA service, which runs as root. This may also result in the disabling of event reporting to ePO, caused by failure to validate input from the file correctly. • https://kcm.trellix.com/corporate/index?page=content&id=SB10416 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.1 • EPSS: 0% • CPEs: 4 • EXPL: 0 • CVE-2023-45247
https://notcve.org/view.php?id=CVE-2023-45247
09 Oct 2023 — Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36497. • https://security-advisory.acronis.com/advisories/SEC-6600 • CWE-862: Missing Authorization •
