Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-26237: WatchGuard EPDR and AD360 Advanced Protection Bypass Vulnerability via Registry Key | WatchGuard Technologies

An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM.

CVE
Open in Source
#vulnerability#windows

Advisory ID

WGSA-2023-00005

Published Date

2023-09-28

Workaround Available

True

CVSS Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

WatchGuard EPDR and Panda AD360 versions up to, and including, 8.00.22.0009 allows an adversary with local access and system privileges to bypass the Advanced Protection feature by setting a Windows registry key. A successful exploit of this vulnerability could allow an attacker to execute a binary that has not completed classification.

Affected

WatchGuard EPDR and Panda AD360 versions before 8.00.22.0010

Resolution

WatchGuard EPDR and Panda AD360 version 8.00.22.0010

Credits

Marcos Díaz Castiñeiras (https://www.linkedin.com/in/mdiazcast/) and Antón Ortigueira Vázquez (https://www.linkedin.com/in/antonortigueira/) from BlackArrow (Tarlogic).

Advisory Product List

Product Family

Product Branch

Product List

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE