CVE-2026-6787— Usage of a hard-coded cryptographic key in WatchGuard Agent allows inclusion of code into existing process

AI Predicted 7.5 Difficulty: Moderate EPSS 0.01% · P3 Updated May 07, 2026

Possible ATT&CK Techniques 1AI

Affected Version Matrix 1

Vendor	Product	Version Range	Status
WatchGuard	WatchGuard Agent	`< 1.25.03.0000`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-6787

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Usage of a hard-coded cryptographic key in WatchGuard Agent allows inclusion of code into existing process

Source: NVD (National Vulnerability Database)

Vulnerability Description

Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects WatchGuard Agent: before 1.25.03.0000.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

使用硬编码的密码学密钥

Source: NVD (National Vulnerability Database)

Vulnerability Title

WatchGuard Agent 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

WatchGuard Agent是美国WatchGuard公司的一款终端安全防护与设备管理代理程序。 WatchGuard Agent 1.25.03.0000之前版本存在安全漏洞，该漏洞源于使用硬编码加密密钥，可能导致代码包含在现有进程中。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
WatchGuard	WatchGuard Agent	0 ~ 1.25.03.0000	-

II. Public POCs for CVE-2026-6787

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-6787

请登录查看更多情报信息。

Vendor Advisories for CVE-2026-6787 (1)

🔗 WatchGuard Agent on Windows Local Privilege Escalation to SYSTEM via Chained Agent Service Vulnerabilities | WatchGuard Technologies

https://nvd.nist.gov/vuln/detail/CVE-2026-6787

Same Patch Batch · WatchGuard · 2026-05-06 · 4 CVEs total

CVE-2026-41287		Stack-based Buffer Overflow in WatchGuard Agent Discovery Service on Windows Causes Denial
CVE-2026-41288		WatchGuard Agent on Windows Privilege Escalation Vulnerability
CVE-2026-6788		Uncontrolled search path in PluginLauncher allows SYSTEM code execution in WatchGuard Agen

IV. Related Vulnerabilities

Same product: WatchGuard Agent

Same vendor: WatchGuard

Same weakness: CWE-321

V. Comments for CVE-2026-6787

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-6787— Usage of a hard-coded cryptographic key in WatchGuard Agent allows inclusion of code into existing process

Possible ATT&CK Techniques 1AI

Affected Version Matrix 1

I. Basic Information for CVE-2026-6787

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-6787

III. Intelligence Information for CVE-2026-6787

Vendor Advisories for CVE-2026-6787 (1)

Same Patch Batch · WatchGuard · 2026-05-06 · 4 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-6787

Leave a comment