CVE-2024-8424

WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM

CVSS 7.8 HIGHEPSS 0.2%CWE-269

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7.8EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

07 Nov 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions. This issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

WatchGuard · EPDR WatchGuard · Panda AD360 WatchGuard · Panda Dome

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00017