Description
Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.This issue affects NGFW Engine through 6.10.19, through 7.3.0, through 7.2.4, through 7.1.10.
Published: 2026-03-11
Score: 7.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability allows an entity with local access to gain unnecessary privileges in the Forcepoint NGFW Engine, enabling a local privilege escalation. This can result in the attacker acquiring higher privileges on the device, as described by the vendor advisory.

Affected Systems

Affected products include Forcepoint NGFW Engine. Versions affected are all releases up to and including 6.10.19, 7.1.10, 7.2.4, and 7.3.0, as indicated by the vendor’s reference list.

Risk and Exploitability

The CVSS score of 7.3 classifies it as a high‑severity flaw, but the EPSS score of less than 1% suggests a low probability of exploitation in the wild. Since the vulnerability requires local access, the attack vector is local, limiting exposure to the device’s operator or someone physically present. The flaw is not listed in the CISA KEV catalog. Exploitation would result in the attacker gaining higher privileges on the device.

Generated by OpenCVE AI on May 7, 2026 at 23:22 UTC.

Remediation

Vendor Solution

Upgrade to versions 6.10.20, 7.1.11, 7.2.5 and 7.3.1.

OpenCVE Recommended Actions

  • Upgrade Forcepoint NGFW Engine to versions 6.10.20, 7.1.11, 7.2.5, or 7.3.1, or any later releases that contain the fix.
  • Enforce strict local access controls: disable or lock unused local accounts, require strong passwords, and restrict physical access to the device.
  • Enable audit logging for configuration changes and monitor logs for unauthorized modifications to the engine’s configuration files.

Generated by OpenCVE AI on May 7, 2026 at 23:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 07 May 2026 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Forcepoint next Generation Firewall
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:forcepoint:next_generation_firewall:*:*:*:*:*:*:*:*
cpe:2.3:a:forcepoint:next_generation_firewall:7.3.0:*:*:*:*:*:*:*
Vendors & Products Forcepoint next Generation Firewall
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Thu, 12 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Forcepoint
Forcepoint ngfw Engine
Vendors & Products Forcepoint
Forcepoint ngfw Engine

Wed, 11 Mar 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 11 Mar 2026 16:00:00 +0000

Type Values Removed Values Added
Description Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.This issue affects NGFW Engine through 6.10.19, through 7.3.0, through 7.2.4, through 7.1.10.
Title Local Privilege Escalation in NGFW Engine
Weaknesses CWE-250
References
Metrics cvssV4_0

{'score': 7.3, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Forcepoint Next Generation Firewall Ngfw Engine
cve-icon MITRE

Status: PUBLISHED

Assigner: forcepoint

Published:

Updated: 2026-03-11T16:10:28.588Z

Reserved: 2025-11-04T10:07:46.152Z

Link: CVE-2025-12690

cve-icon Vulnrichment

Updated: 2026-03-11T16:10:25.394Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-11T16:16:18.233

Modified: 2026-05-07T20:55:29.093

Link: CVE-2025-12690

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-07T23:30:40Z

Weaknesses