PT-2024-39002 · Watchguard+1 · Watchguard Epdr+2
Published
2024-11-07
·
Updated
2024-11-20
·
CVE-2024-8424
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
WatchGuard EPDR versions prior to 8.00.23.0000
Panda AD360 versions prior to 8.00.23.0000
Panda Dome versions prior to 22.03.00
Description:
The issue is related to improper privilege management, allowing local attackers to escalate privileges on affected installations. This vulnerability enables arbitrary file deletion with SYSTEM permissions. The
PSANHost.exe module is specifically affected.Recommendations:
For WatchGuard EPDR versions prior to 8.00.23.0000, update to version 8.00.23.0000 or later.
For Panda AD360 versions prior to 8.00.23.0000, update to version 8.00.23.0000 or later.
For Panda Dome versions prior to 22.03.00, update to version 22.03.00 or later.
As a temporary workaround, consider restricting access to the
PSANHost.exe module to minimize the risk of exploitation.Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Panda Ad360
Panda Dome
Watchguard Epdr