CVE-2024-8424

Published: Nov 8, 2024Modified: Nov 8, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: 5d1c2695-1a31-4499-88ae-e847036fd7e3 (Secondary)

Description

Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions. This issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00.

Related CWEs

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (1)

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00017

Source: 5d1c2695-1a31-4499-88ae-e847036fd7e3

Timeline

No history available yet.