This vulnerability (CVE-2026-41288) involves improper permission assignment for a critical resource within the patch management component of the WatchGuard Agent on Windows. An authenticated local user can exploit this misconfiguration to escalate their privileges to the highest system level (NT AUTHORITY\SYSTEM). The CVSS 4.0 base score is 7.3, reflecting a high severity with low attack complexity and no user interaction required. The vulnerability does not affect cloud services and no official fix or mitigation has been published by WatchGuard as of the publication date.

An authenticated local user can gain SYSTEM-level privileges on the affected Windows system, potentially allowing full control over the system, including the ability to install software, change configurations, and access sensitive data. This elevates the risk of unauthorized system modifications and potential compromise of the host.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict local user access to trusted personnel only and monitor for suspicious local activity. Avoid granting unnecessary local accounts on systems running the WatchGuard Agent.