WatchGuard EPDR and AD360 Local Privilege Escalation

Advisory ID

WGSA-2023-00004

CVE

CVE-2023-26236

Impact

High

Status

Resolved

Product Family

Endpoint

Published Date

2023-09-28

Updated Date

2023-09-28

Workaround Available

False

CVSS Score

7.8

CVSS Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

WatchGuard EPDR and Panda AD360 versions up to, and including, 8.00.22.0009 allows an adversary with local access to achieve privilege escalation by providing crafted parameters to a protection agent component.

Affected

WatchGuard EPDR and Panda AD360 versions before 8.00.22.0010

Resolution

WatchGuard EPDR and Panda AD360 version 8.00.22.0010

Credits

Marcos Díaz Castiñeiras (https://www.linkedin.com/in/mdiazcast/) and Antón Ortigueira Vázquez (https://www.linkedin.com/in/antonortigueira/) from BlackArrow (Tarlogic).

Advisory Product List

Product Family

Product Branch

Product List

Endpoint

Panda AD360

AD360

Endpoint

WatchGuard EPDR

EPP, EDR, EPDR

< Lista de Avisos

Go to