Local Privilege Escalation in VPN Client
CVE-2025-12694

8.5HIGH

Key Information:

Vendor: Forcepoint
Status: Vpn Client
Vendor: CVE Published:; 4 June 2026

What is CVE-2025-12694?

A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior.

Affected Version(s)

VPN Client Windows 0 <= 6.11.3

References

https://support.forcepoint.com/s/article/Security-Advisor...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 4, 2026
Vulnerability Reserved
Nov 4, 2025

Credit

Francisco Jose Carot Ripolles (KPMG Spain)

CVE-2025-12694 Data

JSON