Vulnerabilites related to WatchGuard - EPDR
Vulnerability from fkie_nvd
Published
2023-10-05 01:15
Modified
2024-11-21 07:50
Severity ?
Summary
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | epp_firmware | * | |
| watchguard | epp | - | |
| watchguard | edr_firmware | * | |
| watchguard | edr | - | |
| watchguard | epdr_firmware | * | |
| watchguard | epdr | - | |
| watchguard | panda_ad360_firmware | * | |
| watchguard | panda_ad360 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:epp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2361AC95-E9B5-4494-B4D3-A516E92E0180",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:epp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB7410D-4F42-49A1-B65F-2F57FBED5591",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:edr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0BB0A60-F997-44F6-9B83-D89525D5E90B",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:edr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE98983-49EA-4B3D-B561-509DF3244630",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E547FF3-E496-4AF4-8BA4-67D92E104335",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:epdr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC28BE1A-C558-4132-8376-A1177030CB90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:panda_ad360_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE92F05-0078-4B53-A282-5C7B9D70F17B",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:panda_ad360:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8521691C-F38A-4E4C-ADE7-717218F2E951",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en WatchGuard EPDR 8.0.21.0002. Debido a una implementaci\u00f3n d\u00e9bil de la verificaci\u00f3n de contrase\u00f1a, es posible obtener credenciales para acceder a la consola de administraci\u00f3n como usuario sin privilegios."
}
],
"id": "CVE-2023-26239",
"lastModified": "2024-11-21T07:50:57.823",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-05T01:15:10.273",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00007"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-273"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-05 01:15
Modified
2024-11-21 07:50
Severity ?
Summary
An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | epp_firmware | * | |
| watchguard | epp | - | |
| watchguard | edr_firmware | * | |
| watchguard | edr | - | |
| watchguard | epdr_firmware | * | |
| watchguard | epdr | - | |
| watchguard | panda_ad360_firmware | * | |
| watchguard | panda_ad360 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:epp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2361AC95-E9B5-4494-B4D3-A516E92E0180",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:epp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB7410D-4F42-49A1-B65F-2F57FBED5591",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:edr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0BB0A60-F997-44F6-9B83-D89525D5E90B",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:edr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE98983-49EA-4B3D-B561-509DF3244630",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E547FF3-E496-4AF4-8BA4-67D92E104335",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:epdr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC28BE1A-C558-4132-8376-A1177030CB90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:panda_ad360_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE92F05-0078-4B53-A282-5C7B9D70F17B",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:panda_ad360:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8521691C-F38A-4E4C-ADE7-717218F2E951",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en WatchGuard EPDR 8.0.21.0002. Es posible habilitar o deshabilitar capacidades defensivas enviando un mensaje manipulado a un pipe conocido."
}
],
"id": "CVE-2023-26238",
"lastModified": "2024-11-21T07:50:57.683",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-05T01:15:10.233",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00006"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-05 01:15
Modified
2024-11-21 07:50
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | epp_firmware | * | |
| watchguard | epp | - | |
| watchguard | edr_firmware | * | |
| watchguard | edr | - | |
| watchguard | epdr_firmware | * | |
| watchguard | epdr | - | |
| watchguard | panda_ad360_firmware | * | |
| watchguard | panda_ad360 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:epp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2361AC95-E9B5-4494-B4D3-A516E92E0180",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:epp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB7410D-4F42-49A1-B65F-2F57FBED5591",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:edr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0BB0A60-F997-44F6-9B83-D89525D5E90B",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:edr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE98983-49EA-4B3D-B561-509DF3244630",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E547FF3-E496-4AF4-8BA4-67D92E104335",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:epdr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC28BE1A-C558-4132-8376-A1177030CB90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:panda_ad360_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE92F05-0078-4B53-A282-5C7B9D70F17B",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:panda_ad360:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8521691C-F38A-4E4C-ADE7-717218F2E951",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en WatchGuard EPDR 8.0.21.0002. Es posible evitar las capacidades defensivas agregando una clave de registro como SYSTEMA."
}
],
"id": "CVE-2023-26237",
"lastModified": "2024-11-21T07:50:57.463",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-10-05T01:15:10.187",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00005"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-639"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-639"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-05 01:15
Modified
2024-11-21 07:50
Severity ?
Summary
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| watchguard | epp_firmware | * | |
| watchguard | epp | - | |
| watchguard | edr_firmware | * | |
| watchguard | edr | - | |
| watchguard | epdr_firmware | * | |
| watchguard | epdr | - | |
| watchguard | panda_ad360_firmware | * | |
| watchguard | panda_ad360 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:epp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2361AC95-E9B5-4494-B4D3-A516E92E0180",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:epp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB7410D-4F42-49A1-B65F-2F57FBED5591",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:edr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0BB0A60-F997-44F6-9B83-D89525D5E90B",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:edr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE98983-49EA-4B3D-B561-509DF3244630",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E547FF3-E496-4AF4-8BA4-67D92E104335",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:epdr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC28BE1A-C558-4132-8376-A1177030CB90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:watchguard:panda_ad360_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE92F05-0078-4B53-A282-5C7B9D70F17B",
"versionEndExcluding": "8.00.22.0010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:watchguard:panda_ad360:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8521691C-F38A-4E4C-ADE7-717218F2E951",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en WatchGuard EPDR 8.0.21.0002. Debido a una implementaci\u00f3n d\u00e9bil del manejo de mensajes entre los procesos de WatchGuard EPDR, es posible realizar una escalada de privilegios locales en Windows enviando un mensaje manipulado a un pipe conocido."
}
],
"id": "CVE-2023-26236",
"lastModified": "2024-11-21T07:50:57.300",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-05T01:15:10.137",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00004"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
CVE-2024-8424 (GCVE-0-2024-8424)
Vulnerability from cvelistv5
Published
2024-11-07 23:27
Modified
2024-11-08 15:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-269 - Improper Privilege Management
Summary
Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.
This issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | WatchGuard | EPDR |
Version: 0 ≤ |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epdr_firmware",
"vendor": "watchguard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:watchguard:panda_ad360_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "panda_ad360_firmware",
"vendor": "watchguard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:watchgua:panda_dome_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "panda_dome_firmware",
"vendor": "watchgua",
"versions": [
{
"lessThan": "22.03.00",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8424",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T15:24:55.190870Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T15:28:51.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"PSANHost"
],
"platforms": [
"Windows"
],
"product": "EPDR",
"vendor": "WatchGuard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"PSANHost"
],
"platforms": [
"Windows"
],
"product": "Panda AD360",
"vendor": "WatchGuard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"PSANHost"
],
"platforms": [
"Windows"
],
"product": "Panda Dome",
"vendor": "WatchGuard",
"versions": [
{
"lessThan": "22.03.00",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.\u003cbr\u003e\u003cp\u003eThis issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.\nThis issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T00:57:31.232Z",
"orgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"shortName": "WatchGuard"
},
"references": [
{
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00017"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"assignerShortName": "WatchGuard",
"cveId": "CVE-2024-8424",
"datePublished": "2024-11-07T23:27:50.279Z",
"dateReserved": "2024-09-04T14:08:29.933Z",
"dateUpdated": "2024-11-08T15:28:51.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26238 (GCVE-0-2023-26238)
Vulnerability from cvelistv5
Published
2023-10-05 00:00
Modified
2024-09-19 19:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:23.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26238",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T19:23:41.657551Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T19:23:49.455Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-05T00:26:54.244207",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00006"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-26238",
"datePublished": "2023-10-05T00:00:00",
"dateReserved": "2023-02-20T00:00:00",
"dateUpdated": "2024-09-19T19:23:49.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26236 (GCVE-0-2023-26236)
Vulnerability from cvelistv5
Published
2023-10-05 00:00
Modified
2024-09-20 14:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:23.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00004"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epdr_firmware",
"vendor": "watchguard",
"versions": [
{
"status": "affected",
"version": "8.0.21.0002"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26236",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-20T14:41:41.599252Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T14:48:52.180Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-05T00:26:46.896961",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00004"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-26236",
"datePublished": "2023-10-05T00:00:00",
"dateReserved": "2023-02-20T00:00:00",
"dateUpdated": "2024-09-20T14:48:52.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26239 (GCVE-0-2023-26239)
Vulnerability from cvelistv5
Published
2023-10-05 00:00
Modified
2024-09-19 19:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00007"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26239",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T19:23:08.013374Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T19:23:16.648Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-05T00:26:57.358497",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00007"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-26239",
"datePublished": "2023-10-05T00:00:00",
"dateReserved": "2023-02-20T00:00:00",
"dateUpdated": "2024-09-19T19:23:16.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26237 (GCVE-0-2023-26237)
Vulnerability from cvelistv5
Published
2023-10-05 00:00
Modified
2024-09-19 20:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:23.320Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00005"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:watchguard:epp_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epp_firmware",
"vendor": "watchguard",
"versions": [
{
"lessThan": "8.00.22.0010",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:watchguard:edr_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "edr_firmware",
"vendor": "watchguard",
"versions": [
{
"lessThan": "8.00.22.0010",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epdr_firmware",
"vendor": "watchguard",
"versions": [
{
"lessThan": "8.00.22.0010",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:watchguard:panda_ad360_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "panda_ad360_firmware",
"vendor": "watchguard",
"versions": [
{
"lessThan": "8.00.22.0010",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-26237",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T20:31:02.431643Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T20:43:09.255Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-05T00:26:50.620168",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00005"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-26237",
"datePublished": "2023-10-05T00:00:00",
"dateReserved": "2023-02-20T00:00:00",
"dateUpdated": "2024-09-19T20:43:09.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}