Improper Directory Permission Configuration in WatchGuard Terminal Services Agent
CVE-2025-2782

6.3MEDIUM

Key Information:

Vendor: Watchguard
Status: Terminal Services Agent
Vendor: CVE Published:; 28 March 2025

What is CVE-2025-2782?

The WatchGuard Terminal Services Agent on Windows is susceptible to improper directory permissions when installed in non-default locations. This configuration flaw enables an authenticated local attacker to gain escalated SYSTEM privileges on the affected system, potentially allowing for the execution of arbitrary code with elevated permissions. Users are encouraged to review their installation settings and ensure default directory configurations to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Terminal Services Agent Windows 12.0 <= 12.10

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-...

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Mar 28, 2025

JSON

Watchguard

What is CVE-2025-2782?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.