CVE-2023-26236

Name of the Vulnerable Software and Affected Versions WatchGuard EPDR version 8.0.21.0002

Description The issue is related to insufficient access control in the Protection Agent component of WatchGuard Endpoint Protection, Detection and Response (EPDR) and Panda Adaptive Defense 360 (Panda AD360). Exploitation of this issue can allow an attacker to elevate privileges by sending specially crafted messages to a named pipe. This can lead to Local Privilege Escalation on Windows.

Recommendations For WatchGuard EPDR version 8.0.21.0002, consider restricting access to the named pipe to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the vulnerable message handling functionality between WatchGuard EPDR processes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.