Security Advisory Detail

WatchGuard EPDR and AD360 Anti-Tamper Protection Bypass Vulnerability

Advisory ID: WGSA-2023-00006
CVE: CVE-2023-26238
Impact: High
Status: Resolved
Product Family: Endpoint
Published Date:
Updated Date:
Workaround Available: False
CVSS Score: 7.7
CVSS Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary

WatchGuard EPDR and Panda AD360 versions up to, and including, 8.00.22.0009 allow an adversary with local access to bypass anti-tamper protection by sending crafted commands to the protection agent via IPC.

Affected

WatchGuard EPDR and Panda AD360 versions before 8.00.22.0010

Resolution

WatchGuard EPDR and Panda AD360 version 8.00.22.0010

Credits
Marcos Díaz Castiñeiras (https://www.linkedin.com/in/mdiazcast/) and Antón Ortigueira Vázquez (https://www.linkedin.com/in/antonortigueira/) from BlackArrow (Tarlogic).

Advisory Product List

Product Family | Product Branch | Product List
Endpoint | Panda AD360 | AD360
Endpoint | WatchGuard EPDR | EPP, EDR, EPDR