Local Privilege Escalation in Forcepoint NGFW Engine
CVE-2025-12690

7.3HIGH

Key Information:

Vendor: Forcepoint
Status: Ngfw Engine
Vendor: CVE Published:; 11 March 2026

What is CVE-2025-12690?

The Forcepoint NGFW Engine has a vulnerability that allows an attacker to execute commands with unnecessary privileges, leading to local privilege escalation. This issue spans multiple versions, enabling unauthorized users to gain elevated access and potentially compromise system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

NGFW Engine Linux 0 <= 6.10.19

NGFW Engine Linux 0 <= 7.3.0

NGFW Engine Linux 0 <= 7.2.4

References

https://support.forcepoint.com/s/article/Security-Advisor...

CVSS V4

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 11, 2026
Vulnerability Reserved
Nov 4, 2025

Credit

Francesco Caserta, Andrea Lomuscio and Alessandro Ruggieri of the Italian National Cybersecurity Agency

JSON

Forcepoint

What is CVE-2025-12690?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.