Headline
CVE-2023-26238: WatchGuard EPDR and AD360 Anti-Tamper Protection Bypass Vulnerability | WatchGuard Technologies
An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe.
Advisory ID
WGSA-2023-00006
Published Date
2023-09-28
Workaround Available
False
CVSS Vector
AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
WatchGuard EPDR and Panda AD360 versions up to and including 8.00.22.0009 allow an adversary with local access to bypass anti-tamper protection by sending crafted commands to the protection agent via IPC.
Affected
WatchGuard EPDR and Panda AD360 versions before 8.00.22.0010
Resolution
WatchGuard EPDR and Panda AD360 version 8.00.22.0010
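Added example (not WatchGuard code): a triage of an endpoint inventory against the Affected and Resolution fields above. It assumes the installed agent version is available as a four-part dotted string from an inventory export; the hostnames, the inventory format and the function names are constructed for illustration.

```python
# Added example: flag endpoints still running a build before the fixed one.
FIXED = "8.00.22.0010"  # fixed version, taken from the advisory's Resolution field


def parse_version(text):
    """Return the version as a tuple of ints, or None if it is not four dotted numbers."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    # Numeric comparison makes "8.0.21.0002" and "8.00.21.0002" the same build;
    # the advisory itself uses both spellings.
    return tuple(int(p) for p in parts)


def classify(version_text, fixed=FIXED):
    """'affected' below the fixed build, 'fixed' at or above it, 'unknown' if unparseable."""
    version = parse_version(version_text)
    if version is None:
        return "unknown"  # do not assume a host is patched when the version is unreadable
    return "affected" if version < parse_version(fixed) else "fixed"


def triage(inventory):
    """Group hostnames by status; inventory is an iterable of (hostname, version) pairs."""
    report = {"affected": [], "fixed": [], "unknown": []}
    for host, version_text in inventory:
        report[classify(version_text)].append(host)
    return report


# Constructed sample inventory: hostnames are made up, and versions not named
# in the advisory are marked as constructed.
SAMPLE_INVENTORY = [
    ("ws-001", "8.0.21.0002"),   # version from the advisory description
    ("ws-002", "8.00.22.0009"),  # last affected version per the Summary
    ("ws-003", "8.00.22.0010"),  # fixed version per the Resolution
    ("ws-004", "8.00.23.0001"),  # constructed later build
    ("ws-005", "not reported"),  # constructed: agent did not report a version
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Hosts reported as unknown need a manual check rather than being counted as patched.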
Credits
Marcos Díaz Castiñeiras (https://www.linkedin.com/in/mdiazcast/) and Antón Ortigueira Vázquez (https://www.linkedin.com/in/antonortigueira/) from BlackArrow (Tarlogic).