Security Advisory Detail

WatchGuard Endpoint pskmad_64.sys Out of Bounds Write Vulnerability

Advisory ID
WGSA-2024-00002
CVE
CVE-2023-6331
Impact
High
Status
Acknowledged
Product Family
Endpoint
Published Date
Updated Date
Workaround Available
True
CVSS Score
6.4
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary

An out of bounds write vulnerability in the pskmad_64.sys driver as installed by the WatchGuard EPDR, Panda AD360 and Panda Dome windows clients could allow an authenticated local user with Administrator privileges to overflow allocated kernel memory and create a Denial of Service (DoS) condition, possibly leading to code execution with SYSTEM privileges in the target operating system.

Affected
  • WatchGuard EPDR and Panda AD360 up to and including 8.00.22.0022
  • Panda Dome up to and including 22.02.00
Resolution
  • WatchGuard EPDR and Panda AD360 8.00.22.0023
  • Panda Dome 22.02.01
Credits
Andreas Klopsch of Sophos X-Ops
Advisory Product List
Product Family
Product Branch
Product List
Endpoint
Panda Dome
Essential, Advanced, Complete, Premium
Endpoint
Panda AD360
AD360
Endpoint
WatchGuard EPDR
EPP, EDR, EPDR