Out-of-Bounds Write Vulnerability in Palo Alto Networks Terminal Services Agent
CVE-2017-5329

7.8HIGH

Key Information:

Vendor
Palo Alto Networks
Status
Terminal Services Agent
Vendor
CVE Published:
27 January 2017

Summary

The Terminal Services Agent from Palo Alto Networks before version 7.0.7 is susceptible to an out-of-bounds write vulnerability. This flaw allows local users to escalate their privileges by exploiting specific vectors that trigger improper memory access, potentially leading to unauthorized actions within the system.

References

http://www.securityfocus.com/bid/95818
vdb-entryx_refsource_BID
https://www.exploit-db.com/exploits/41176/
exploitx_refsource_EXPLOIT-DB
https://security.paloaltonetworks.com/CVE-2017-5329
x_refsource_CONFIRM

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.