Vulnerability in WatchGuard EPDR Allows Manipulation of Defensive Capabilities
CVE-2023-26238

5.5MEDIUM

Key Information:

Vendor: Watchguard
Status: Epp Firmware
Vendor: CVE Published:; 5 October 2023

What is CVE-2023-26238?

A critical issue has been identified in WatchGuard EPDR version 8.0.21.0002, where an attacker can manipulate the system's defensive functionalities by sending specially crafted messages to a designated named pipe. This vulnerability poses significant risks as it could allow unauthorized adjustments to security settings, compromising the integrity of the security solution.

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 5, 2023
Vulnerability Reserved
Feb 20, 2023

Watchguard

What is CVE-2023-26238?

References

CVSS V3.1

Timeline