WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM
Advisory ID
WGSA-2024-00017
CVE
CVE-2024-8424
Impact
High
Status
Resolved
Product Family
Endpoint
Published Date
Updated Date
Workaround Available
False
CVSS Score
7.8
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An improper privilege management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions on affected systems.
Affected
This issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00
Resolution
This issue is resolved in EPDR: 8.00.23.0000; Panda AD360: 8.00.23.0000; Panda Dome: 22.03.00
Credits
Anonymous working with Trend Micro Zero Day Initiative
Advisory Product List
| Product Family | Product Branch | Product List |
|---|---|---|
Endpoint
|
Panda AD360 | AD360 |
Endpoint
|
WatchGuard EPDR | EPP, EDR, EPDR, Advanced EPDR |
Endpoint
|
Panda Dome | Essential, Advanced, Complete, Premium |