wid-sec-w-2026-0703 · Published 2026-03-11 · View on BSI CERT-Bund ↗

Forcepoint Next Generation Firewall Engine: Vulnerability allows Privilegieneskalation

CVSS 7.3 HIGH

Risk Summary

Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.This issue affects NGFW Engine through 6.10.19, through 7.3.0, through 7.2.4, through 7.1.10.

CVEs (1)

CVE-2025-12690

Affected Vendors

Forcepoint

Affected Products (8)

Forcepoint · Next Generation Firewall Engine <6.10.20

Forcepoint · Next Generation Firewall Engine 6.10.20

Forcepoint · Next Generation Firewall Engine <7.1.11

Forcepoint · Next Generation Firewall Engine 7.1.11

Forcepoint · Next Generation Firewall Engine <7.2.5

Forcepoint · Next Generation Firewall Engine 7.2.5

Forcepoint · Next Generation Firewall Engine <7.3.1

Forcepoint · Next Generation Firewall Engine 7.3.1

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more