Uncontrolled search path in PluginLauncher allows SYSTEM code execution in...

8.5 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Uncontrolled Search Path Element vulnerability in WatchGuard Agent on Windows allows Using Malicious Files.This issue affects WatchGuard Agent before 1.25.03.0000.

AI Analysis

Uncontrolled search path vulnerability in WatchGuard Agent allows malicious file execution

Basic Information

ID CVE-2026-6788

Source WatchGuard

Published May 6, 2026 at 15:46

Modified May 6, 2026 at 16:13

Affected Product

Vendor WatchGuard

Product WatchGuard Agent

Affected Versions WatchGuard WatchGuard Agent 0

CWE Classification

CWE-427

AI Assessment

AI Score 8.5 / 10

AI Severity High

Vendor WatchGuard

Product WatchGuard Agent

Version before 1.25.03.0000

References

www.watchguard.com /wgrd-psirt/advisory/WGSA-2026-00013

{
    "lastseen": "",
    "description": "Uncontrolled Search Path Element vulnerability in WatchGuard Agent on Windows allows Using Malicious Files.This issue affects WatchGuard Agent before 1.25.03.0000.",
    "published": "2026-05-06T15:46:48.269Z",
    "modified": "2026-05-06T16:13:28.284Z",
    "type": "cve",
    "title": "Uncontrolled search path in PluginLauncher allows SYSTEM code execution in WatchGuard Agent",
    "source": "WatchGuard",
    "references": "https://www.watchguard.com/wgrd-psirt/advisory/WGSA-2026-00013",
    "id": "CVE-2026-6788",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427"
    ],
    "cvelist": null,
    "sourceData": "WatchGuard WatchGuard Agent 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "WatchGuard Agent",
    "version": "0",
    "vendor": "WatchGuard",
    "ai_description": "Uncontrolled search path vulnerability in WatchGuard Agent allows malicious file execution",
    "ai_severity": "High",
    "ai_vendor": "WatchGuard",
    "ai_product": "WatchGuard Agent",
    "ai_version": "before 1.25.03.0000",
    "ai_score": 8.5
}

Uncontrolled search path in PluginLauncher allows SYSTEM code execution in WatchGuard Agent_CVE-2026-6788