PT-2016-5768 · Panda Security · Panda Endpoint Administration Agent

Kyriakos Economou

Published

2016-04-18

Updated

2021-09-09

CVE-2016-3943

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Panda Endpoint Administration Agent versions prior to 7.50.00

Description The issue allows local users to gain SYSTEM privileges by modifying an executable module due to a weak ACL for the Panda Security/WaAgent directory and sub-directories.

Recommendations For versions prior to 7.50.00, update to version 7.50.00 or later to resolve the issue.

Exploit

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2016-3943

Affected Products

Panda Endpoint Administration Agent

PT-2016-5768 · Panda Security · Panda Endpoint Administration Agent

CVE-2016-3943

Weakness Enumeration

Related Identifiers

Affected Products

References · 5