WatchGuard EPDR and AD360 Anti-Tamper Protection Bypass Vulnerability
Advisory ID
WGSA-2023-00006
CVE
CVE-2023-26238
Impact
High
Status
Resolved
Product Family
Endpoint
Published Date
Updated Date
Workaround Available
False
CVSS Score
7.7
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
WatchGuard EPDR and Panda AD360 versions up to, and including, 8.00.22.0009 allows an adversary with local access to bypass anti-tamper protection by sending crafted commands to the protection agent via IPC.
Affected
WatchGuard EPDR and Panda AD360 versions before 8.00.22.0010
Resolution
WatchGuard EPDR and Panda AD360 version 8.00.22.0010
Credits
Marcos Díaz Castiñeiras (https://www.linkedin.com/in/mdiazcast/) and Antón Ortigueira Vázquez (https://www.linkedin.com/in/antonortigueira/) from BlackArrow (Tarlogic).
Advisory Product List
| Product Family | Product Branch | Product List |
|---|---|---|
Endpoint
|
WatchGuard EPDR | EPP, EDR, EPDR, Advanced EPDR |
Endpoint
|
Panda AD360 | AD360 |