CVE Vulnerabilities

CVE-2025-12690

Execution with Unnecessary Privileges

Published: Mar 11, 2026 | Modified: May 07, 2026
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io logo minimus.io logo echo.ai logo

Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.This issue affects NGFW Engine through 6.10.19, through 7.3.0, through 7.2.4, through 7.1.10.

Weakness

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

Affected Software

NameVendorStart VersionEnd Version
Next_generation_firewallForcepoint*6.10.20 (excluding)
Next_generation_firewallForcepoint7.1.0 (including)7.1.11 (excluding)
Next_generation_firewallForcepoint7.2.0 (including)7.2.5 (excluding)
Next_generation_firewallForcepoint7.3.0 (including)7.3.0 (including)

Potential Mitigations

References