Out-of-Bounds Write Vulnerability in Palo Alto Networks Terminal Services Agent
CVE-2017-5329

7.8HIGH

Key Information:

Vendor

Palo Alto Networks
Status
Terminal Services Agent
Vendor
CVE Published:
27 January 2017

What is CVE-2017-5329?

The Terminal Services Agent from Palo Alto Networks before version 7.0.7 is susceptible to an out-of-bounds write vulnerability. This flaw allows local users to escalate their privileges by exploiting specific vectors that trigger improper memory access, potentially leading to unauthorized actions within the system.

References

http://www.securityfocus.com/bid/95818
vdb-entryx_refsource_BID
https://www.exploit-db.com/exploits/41176/
exploitx_refsource_EXPLOIT-DB
https://security.paloaltonetworks.com/CVE-2017-5329
x_refsource_CONFIRM

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.