Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for EPDR by WatchGuard
CVE-2024-8424 (GCVE-0-2024-8424)
Vulnerability from cvelistv5 – Published: 2024-11-07 23:27 – Updated: 2024-11-08 15:28
VLAI
Title
WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM
Summary
Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.
This issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| WatchGuard | EPDR |
Affected:
0 , < 8.00.23.0000
(semver)
|
|
| WatchGuard | Panda AD360 |
Affected:
0 , < 8.00.23.0000
(semver)
|
|
| WatchGuard | Panda Dome |
Affected:
0 , < 22.03.00
(semver)
|
|
| watchguard | epdr_firmware |
Affected:
0 , < 8.00.23.0000
(semver)
cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:* |
|
| watchguard | panda_ad360_firmware |
Affected:
0 , < 8.00.23.0000
(semver)
cpe:2.3:o:watchguard:panda_ad360_firmware:*:*:*:*:*:*:*:* |
|
| watchgua | panda_dome_firmware |
Affected:
0 , < 22.03.00
(semver)
cpe:2.3:o:watchgua:panda_dome_firmware:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epdr_firmware",
"vendor": "watchguard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:watchguard:panda_ad360_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "panda_ad360_firmware",
"vendor": "watchguard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:watchgua:panda_dome_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "panda_dome_firmware",
"vendor": "watchgua",
"versions": [
{
"lessThan": "22.03.00",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8424",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T15:24:55.190870Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T15:28:51.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"PSANHost"
],
"platforms": [
"Windows"
],
"product": "EPDR",
"vendor": "WatchGuard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"PSANHost"
],
"platforms": [
"Windows"
],
"product": "Panda AD360",
"vendor": "WatchGuard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"PSANHost"
],
"platforms": [
"Windows"
],
"product": "Panda Dome",
"vendor": "WatchGuard",
"versions": [
{
"lessThan": "22.03.00",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.\u003cbr\u003e\u003cp\u003eThis issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.\nThis issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T00:57:31.232Z",
"orgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"shortName": "WatchGuard"
},
"references": [
{
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00017"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"assignerShortName": "WatchGuard",
"cveId": "CVE-2024-8424",
"datePublished": "2024-11-07T23:27:50.279Z",
"dateReserved": "2024-09-04T14:08:29.933Z",
"dateUpdated": "2024-11-08T15:28:51.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8424 (GCVE-0-2024-8424)
Vulnerability from nvd – Published: 2024-11-07 23:27 – Updated: 2024-11-08 15:28
VLAI
Title
WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM
Summary
Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.
This issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| WatchGuard | EPDR |
Affected:
0 , < 8.00.23.0000
(semver)
|
|
| WatchGuard | Panda AD360 |
Affected:
0 , < 8.00.23.0000
(semver)
|
|
| WatchGuard | Panda Dome |
Affected:
0 , < 22.03.00
(semver)
|
|
| watchguard | epdr_firmware |
Affected:
0 , < 8.00.23.0000
(semver)
cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:* |
|
| watchguard | panda_ad360_firmware |
Affected:
0 , < 8.00.23.0000
(semver)
cpe:2.3:o:watchguard:panda_ad360_firmware:*:*:*:*:*:*:*:* |
|
| watchgua | panda_dome_firmware |
Affected:
0 , < 22.03.00
(semver)
cpe:2.3:o:watchgua:panda_dome_firmware:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epdr_firmware",
"vendor": "watchguard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:watchguard:panda_ad360_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "panda_ad360_firmware",
"vendor": "watchguard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:watchgua:panda_dome_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "panda_dome_firmware",
"vendor": "watchgua",
"versions": [
{
"lessThan": "22.03.00",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8424",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T15:24:55.190870Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T15:28:51.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"PSANHost"
],
"platforms": [
"Windows"
],
"product": "EPDR",
"vendor": "WatchGuard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"PSANHost"
],
"platforms": [
"Windows"
],
"product": "Panda AD360",
"vendor": "WatchGuard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"PSANHost"
],
"platforms": [
"Windows"
],
"product": "Panda Dome",
"vendor": "WatchGuard",
"versions": [
{
"lessThan": "22.03.00",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.\u003cbr\u003e\u003cp\u003eThis issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.\nThis issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T00:57:31.232Z",
"orgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"shortName": "WatchGuard"
},
"references": [
{
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00017"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"assignerShortName": "WatchGuard",
"cveId": "CVE-2024-8424",
"datePublished": "2024-11-07T23:27:50.279Z",
"dateReserved": "2024-09-04T14:08:29.933Z",
"dateUpdated": "2024-11-08T15:28:51.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}