WatchGuard Endpoint pskmad_64.sys Arbitrary Memory Read Vulnerability
Advisory ID
WGSA-2024-00003
CVE
CVE-2023-6332
Impact
Medium
Status
Investigating
Product Family
Endpoint
Published Date
Updated Date
Workaround Available
True
CVSS Score
4.1
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
An arbitrary kernel memory read vulnerability in the pskmad_64.sys driver as installed by the WatchGuard EPDR, Panda AD360 and Panda Dome windows clients could allow an authenticated local user with Administrator privileges to leak data from arbitrary kernel memory locations in the target operating system.
Affected
- WatchGuard EPDR and Panda AD360 up to and including 8.00.22.0022
- Panda Dome up to and including 22.02.00
Resolution
- WatchGuard EPDR and Panda AD360 8.00.22.0023
- Panda Dome 22.02.01
Credits
Andreas Klopsch of Sophos X-Ops
Advisory Product List
Product Family
Product Branch
Product List
Endpoint
Panda Dome
Essential,
Advanced,
Complete,
Premium
Endpoint
Panda AD360
AD360
Endpoint
WatchGuard EPDR
EPP,
EDR,
EPDR