WatchGuard Endpoint pskmad_64.sys Pool Memory Corruption Vulnerability
Advisory ID
WGSA-2024-00001
CVE
CVE-2023-6330
Impact
Medium
Status
Resolved
Product Family
Endpoint
Published Date
Updated Date
Workaround Available
True
CVSS Score
6.4
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A memory pool overflow vulnerability in the pskmad_64.sys driver as installed by the WatchGuard EPDR, Panda AD360 and Panda Dome Windows clients could allow an authenticated local user with Administrator privileges to overflow the allocated kernel memory pool and create a Denial of Service (DoS) condition, possibly leading to code execution with SYSTEM privileges in the target operating system.
Affected
- WatchGuard EPDR and Panda AD360 up to and including 8.00.22.0022
- Panda Dome up to and including 22.02.00
Resolution
- WatchGuard EPDR and Panda AD360 version 8.00.22.0023
- Panda Dome version 22.02.01
Credits
Andreas Klopsch of Sophos X-Ops
Advisory Product List
Product Family
Product Branch
Product List
Endpoint
Panda Dome
Essential,
Advanced,
Complete,
Premium
Endpoint
Panda AD360
AD360
Endpoint
WatchGuard EPDR
EPP,
EDR,
EPDR