CVE-2024-8424 (GCVE-0-2024-8424)
Vulnerability from cvelistv5
Published
2024-11-07 23:27
Modified
2024-11-08 15:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-269 - Improper Privilege Management
Summary
Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.
This issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | WatchGuard | EPDR |
Version: 0 ≤ |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epdr_firmware",
"vendor": "watchguard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:watchguard:panda_ad360_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "panda_ad360_firmware",
"vendor": "watchguard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:watchgua:panda_dome_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "panda_dome_firmware",
"vendor": "watchgua",
"versions": [
{
"lessThan": "22.03.00",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8424",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T15:24:55.190870Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T15:28:51.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"PSANHost"
],
"platforms": [
"Windows"
],
"product": "EPDR",
"vendor": "WatchGuard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"PSANHost"
],
"platforms": [
"Windows"
],
"product": "Panda AD360",
"vendor": "WatchGuard",
"versions": [
{
"lessThan": "8.00.23.0000",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"PSANHost"
],
"platforms": [
"Windows"
],
"product": "Panda Dome",
"vendor": "WatchGuard",
"versions": [
{
"lessThan": "22.03.00",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.\u003cbr\u003e\u003cp\u003eThis issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.\nThis issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T00:57:31.232Z",
"orgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"shortName": "WatchGuard"
},
"references": [
{
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00017"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"assignerShortName": "WatchGuard",
"cveId": "CVE-2024-8424",
"datePublished": "2024-11-07T23:27:50.279Z",
"dateReserved": "2024-09-04T14:08:29.933Z",
"dateUpdated": "2024-11-08T15:28:51.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-8424\",\"sourceIdentifier\":\"5d1c2695-1a31-4499-88ae-e847036fd7e3\",\"published\":\"2024-11-08T00:15:15.807\",\"lastModified\":\"2024-11-08T19:01:03.880\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.\\nThis issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00.\"},{\"lang\":\"es\",\"value\":\"La vulnerabilidad de administraci\u00f3n incorrecta de privilegios en WatchGuard EPDR, Panda AD360 y Panda Dome en Windows (m\u00f3dulo PSANHost.exe) permite la eliminaci\u00f3n arbitraria de archivos con permisos del SYSTEM. Este problema afecta a EPDR: antes de 8.00.23.0000; Panda AD360: antes de 8.00.23.0000; Panda Dome: antes de 22.03.00.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"5d1c2695-1a31-4499-88ae-e847036fd7e3\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"5d1c2695-1a31-4499-88ae-e847036fd7e3\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"references\":[{\"url\":\"https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00017\",\"source\":\"5d1c2695-1a31-4499-88ae-e847036fd7e3\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-8424\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-08T15:24:55.190870Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"watchguard\", \"product\": \"epdr_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"8.00.23.0000\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:watchguard:panda_ad360_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"watchguard\", \"product\": \"panda_ad360_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"8.00.23.0000\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:watchgua:panda_dome_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"watchgua\", \"product\": \"panda_dome_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"22.03.00\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-08T15:28:43.363Z\"}}], \"cna\": {\"title\": \"WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-233\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-233 Privilege Escalation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"WatchGuard\", \"modules\": [\"PSANHost\"], \"product\": \"EPDR\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"8.00.23.0000\", \"versionType\": \"semver\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WatchGuard\", \"modules\": [\"PSANHost\"], \"product\": \"Panda AD360\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"8.00.23.0000\", \"versionType\": \"semver\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WatchGuard\", \"modules\": [\"PSANHost\"], \"product\": \"Panda Dome\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"22.03.00\", \"versionType\": \"semver\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00017\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.\\nThis issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions.\u003cbr\u003e\u003cp\u003eThis issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"5d1c2695-1a31-4499-88ae-e847036fd7e3\", \"shortName\": \"WatchGuard\", \"dateUpdated\": \"2024-11-08T00:57:31.232Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-8424\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-08T15:28:51.297Z\", \"dateReserved\": \"2024-09-04T14:08:29.933Z\", \"assignerOrgId\": \"5d1c2695-1a31-4499-88ae-e847036fd7e3\", \"datePublished\": \"2024-11-07T23:27:50.279Z\", \"assignerShortName\": \"WatchGuard\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…