Headline
CVE-2023-26236: WatchGuard EPDR and AD360 Local Privilege Escalation | WatchGuard Technologies
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe.
Advisory ID
WGSA-2023-00004
Published Date
2023-09-28
Workaround Available
False
CVSS Vector
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
WatchGuard EPDR and Panda AD360 versions up to, and including, 8.00.22.0009 allows an adversary with local access to achieve privilege escalation by providing crafted parameters to a protection agent component.
Affected
WatchGuard EPDR and Panda AD360 versions before 8.00.22.0010
Resolution
WatchGuard EPDR and Panda AD360 version 8.00.22.0010
Credits
Marcos Díaz Castiñeiras (https://www.linkedin.com/in/mdiazcast/) and Antón Ortigueira Vázquez (https://www.linkedin.com/in/antonortigueira/) from BlackArrow (Tarlogic).
Advisory Product List
Product Family
Product Branch
Product List