CVE-2024-8424 WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM

🗓️ 07 Nov 2024 23:27:50Reported by WatchGuardType

WatchGuard EPDR and Panda security products on Windows are vulnerable to privilege escalation leading to arbitrary file deletion as SYSTE

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2024-8424	7 Nov 202423:29	–	circl
CNNVD	WatchGuard多款产品安全漏洞	8 Nov 202400:00	–	cnnvd
CVE	CVE-2024-8424	7 Nov 202423:27	–	cve
EUVD	EUVD-2024-49166	3 Oct 202520:07	–	euvd
NVD	CVE-2024-8424	8 Nov 202400:15	–	nvd
Positive Technologies	PT-2024-39002 · Watchguard +1 · Watchguard Epdr +2	7 Nov 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-8424	4 Feb 202522:32	–	redhatcve
Vulnrichment	CVE-2024-8424 WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM	7 Nov 202423:27	–	vulnrichment
Zero Day Initiative	Panda Security Dome PSANHost Link Following Local Privilege Escalation Vulnerability	11 Nov 202400:00	–	zdi
Zero Day Initiative	Panda Security Dome PSANHost Link Following Local Privilege Escalation Vulnerability	20 Nov 202400:00	–	zdi

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "PSANHost"
    ],
    "platforms": [
      "Windows"
    ],
    "product": "EPDR",
    "vendor": "WatchGuard",
    "versions": [
      {
        "lessThan": "8.00.23.0000",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "modules": [
      "PSANHost"
    ],
    "platforms": [
      "Windows"
    ],
    "product": "Panda AD360",
    "vendor": "WatchGuard",
    "versions": [
      {
        "lessThan": "8.00.23.0000",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "modules": [
      "PSANHost"
    ],
    "platforms": [
      "Windows"
    ],
    "product": "Panda Dome",
    "vendor": "WatchGuard",
    "versions": [
      {
        "lessThan": "22.03.00",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
watchguard	www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00017

08 Nov 2024 00:57Current

CVSS 3.17.8

EPSS0.00041

CWE-269