CVE Catalog

CVE-2025-12694

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.10%

1th percentile - higher than 1% of all known CVEs

Summary

A local privilege escalation vulnerability in Forcepoint VPN Client for Windows versions 6.11.3 and prior allows a non-administrative user to escalate privileges to SYSTEM.

Risk Assessment

An attacker with local access can gain full control over the workstation, compromising data confidentiality, integrity, and availability.

Recommendation

Immediately update Forcepoint VPN Client to a version later than 6.11.3 where the vulnerability is fixed.

Original NVD description (English source)

A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS