Skip to main content

Workspace One Tunnel

1 CVEs product

Monthly

CVE-2026-22927 HIGH This Week

Local privilege escalation in Omnissa Workspace ONE Tunnel for Windows lets an authenticated low-privileged local user abuse a path-traversal weakness (CWE-22) to gain higher (likely SYSTEM) privileges on the endpoint. The flaw affects the Windows Tunnel client used for per-app VPN in Workspace ONE managed fleets; no public exploit identified at time of analysis and it is not listed in CISA KEV. Impact is high across confidentiality, integrity, and availability, but exploitation is confined to attackers who already have a local foothold on the machine.

Privilege Escalation Path Traversal Microsoft Workspace One Tunnel
NVD VulDB
CVSS 3.1
7.8
EPSS
0.2%
EPSS 0% CVSS 7.8
HIGH This Week

Local privilege escalation in Omnissa Workspace ONE Tunnel for Windows lets an authenticated low-privileged local user abuse a path-traversal weakness (CWE-22) to gain higher (likely SYSTEM) privileges on the endpoint. The flaw affects the Windows Tunnel client used for per-app VPN in Workspace ONE managed fleets; no public exploit identified at time of analysis and it is not listed in CISA KEV. Impact is high across confidentiality, integrity, and availability, but exploitation is confined to attackers who already have a local foothold on the machine.

Privilege Escalation Path Traversal Microsoft +1
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy