Skip to main content

Next Generation Firewall CVE-2025-12690

HIGH
Execution with Unnecessary Privileges (CWE-250)
2026-03-11 psirt@forcepoint.com
7.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.3 HIGH
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
CVSS changed
May 07, 2026 - 21:07 NVD
7.3 (HIGH)
Analysis Generated
Mar 12, 2026 - 22:06 vuln.today
CVE Published
Mar 11, 2026 - 16:16 nvd
N/A

DescriptionCVE.org

Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.This issue affects NGFW Engine through 6.10.19, through 7.3.0, through 7.2.4, through 7.1.10.

AnalysisAI

Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.This issue affects NGFW Engine versions up to 6.10.19 is affected by execution with unnecessary privileges.

Technical ContextAI

This vulnerability (CWE-250: Execution with Unnecessary Privileges) affects Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.This issue affects NGFW Engine. Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.This issue affects NGFW Engine through 6.10.19, through 7.3.0, through 7.2.4, through 7.1.10.

RemediationAI

Monitor vendor advisories for a patch.

Share

CVE-2025-12690 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy