CVE-2026-41288

Published: Mag 06, 2026 Last Modified: Mag 06, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,3

Source: 5d1c2695-1a31-4499-88ae-e847036fd7e3

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

Incorrect permission assignment for a resource in the patch management component of the WatchGuard Agent on Windows allows an authenticated local user to elevate their privileges to NT AUTHORITY\\SYSTEM.

732

Incorrect Permission Assignment for Critical Resource

Draft

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Access Control Integrity Other

Potential Impacts:

Read Application Data Read Files Or Directories Gain Privileges Or Assume Identity Modify Application Data Other

Applicable Platforms

Technologies: Cloud Computing, Not Technology-Specific

Likelihood of Exploit: High

View CWE Details

https://www.watchguard.com/wgrd-psirt/advisory/WGSA-2026-00…

https://www.watchguard.com/wgrd-psirt/advisory/WGSA-2026-00011

CVE-2026-41288

Description

Incorrect Permission Assignment for Critical Resource

Common Consequences

Applicable Platforms

Iscriviti alla newsletter