CVE-2024-7243 in Security DomeИнформация

Сводка

по MITRE • 23.11.2024

Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the PSANHost executable. By creating a junction, an attacker can abuse the service to create arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23413.

Be aware that VulDB is the high quality source for vulnerability data.

Резервировать

29.07.2024

Раскрытие

23.11.2024

Модерация

принято

Вход

VDB-273114

EPSS

0.00341

KEV

Нет

Деятельности

Очень низкий

Источники

Want to stay up to date on a daily basis?

Enable the mail alert feature now!