A vulnerability has been discovered in the Forcepoint VPN Client software for Windows. The flaw could enable an attacker with an existing foothold on a system to achieve an escalation of privilege, persistence and in some cases defense evasion. A fix, delivered in version 6.6.1 of the software, is available now, according to Forcepoint. The vulnerability has a CVSSv3 Base Score of 6.5, making it a medium-severity vulnerability. It was first reported on Sept. 5, 2019; Forcepoint patched and disclosed the flaw.
Source: https://threatpost.com/forcepoint-vpn-client-is-vulnerable-to-privilege-escalation-attacks/148544/