Primary

Context

WatchGuard Agent Hard-Coded Cryptographic Key Vulnerability Allowing Code Injection on Windows

Vulnerability

A vulnerability in WatchGuard Agent for Windows, prior to version 1.25.03.0000, involves the use of a hard-coded cryptographic key. This vulnerability allows for the inclusion of code in an existing process, potentially leading to unauthorized actions or access.

Impact

Exploitation of this vulnerability could result in local privilege escalation to the SYSTEM level.

Remediation

Users can upgrade to WatchGuard Agent for Windows version 1.25.03.0000 to address this vulnerability.

Added: May 6, 2026, 6:56 PM

Updated: May 6, 2026, 6:56 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

2.9

remediation

0.0

relevance

7.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

2.9

remediation

0.0

relevance

7.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WatchGuard Agent Hard-Coded Cryptographic Key Vulnerability Allowing Code Injection on Windows

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating