WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM
CVE-2024-8424

7.8HIGH

Key Information:

Vendor
Watchguard
Status
Epdr
Panda Ad360
Panda Dome
Vendor
CVE Published:
8 November 2024

Summary

A vulnerability exists in WatchGuard EPDR, Panda AD360, and Panda Dome software that allows an attacker to improperly manage privileges. Located within the PSANHost.exe module on Windows, the flaw facilitates arbitrary file deletion by leveraging SYSTEM-level permissions. This oversight poses significant risks to system integrity and data security, particularly for users operating versions prior to the specified updates. Organizations utilizing these products should prioritize implementing the latest versions to mitigate potential exploitation.

Affected Version(s)

EPDR Windows 0 < 8.00.23.0000

Panda AD360 Windows 0 < 8.00.23.0000

Panda Dome Windows 0 < 22.03.00

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.
CVE-2024-8424 : WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM | SecurityVulnerability.io