WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM
Advisory ID
WGSA-2024-00017
CVE
CVE-2024-8424
Impact
High
Status
Resolved
Product Family
Endpoint
Published Date
Updated Date
Workaround Available
True
CVSS Score
7.8
CVSS Vector
CVSS3.1:AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An improper privilege management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions on affected systems.
Affected
This issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00
Resolution
This issue is resolved in EPDR: 8.00.23.0000; Panda AD360: 8.00.23.0000; Panda Dome: 22.03.00
Credits
Anonymous working with Trend Micro Zero Day Initiative
Advisory Product List
Product Family
Product Branch
Product List
Endpoint
Panda Dome
Essential,
Advanced,
Complete,
Premium
Endpoint
WatchGuard EPDR
EPP,
EDR,
EPDR
Endpoint
Panda AD360
AD360