CVE-2026-6787

HIGH

Usage of a hard-coded cryptographic key in WatchGuard Agent allows inclusion of code into existing process

Title source: cna

Description

Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects WatchGuard Agent: before 1.25.03.0000.

References (1)

Core 1

Core References

https://www.watchguard.com/wgrd-psirt/advisory/WGSA-2026-00013

Scores

CVSS v3 7.8

EPSS 0.0010

EPSS Percentile 1.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-321

Status published

Products (2)

watchguard/agent < 1.25.03.0000

WatchGuard/WatchGuard Agent < 1.25.03.0000

Published May 06, 2026

Tracked Since May 06, 2026