PT-2023-20554 · Watchguard · Watchguard Epdr

Antón Ortigueira Vázquez

Publicado

2023-10-05

Atualizado

2024-09-19

CVE-2023-26237

CVSS v3.1

6.7

Média

Vetor

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions WatchGuard EPDR version 8.0.21.0002

Description An issue was discovered in WatchGuard EPDR, where it is possible to bypass the defensive capabilities by adding a registry key as SYSTEM.

Recommendations For WatchGuard EPDR version 8.0.21.0002, consider restricting system-level access to prevent the addition of malicious registry keys as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

IDOR

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-639

Identificadores relacionados

CVE-2023-26237

Produtos afetados

Watchguard Epdr

PT-2023-20554 · Watchguard · Watchguard Epdr

CVE-2023-26237

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5