WatchGuard and Panda Security Product Vulnerabilities Cause Code Execution

WatchGuard-and-Panda-Security-Product-Vulnerabilities-Cause-Code-Execution

WatchGuard and Panda Security products have vulnerabilities that could provide attackers the ability to launch arbitrary code with system privileges or create denial of service (DoS) scenarios.

The Panda Kernel Memory Access driver (pskmad_64.sys), which is installed with WatchGuard EPDR, Panda AD360, and Panda Dome for Windows, was found to have the issues. One of the problems, identified as CVE-2023-6330, is a memory pool overflow vulnerability that can let an intruder use more memory than the kernel has allotted.

The vulnerabilities were discovered by cybersecurity company Sophos, which claims that the driver improperly validates the contents of registry values connected to OS version, enabling attackers to insert maliciously created stuff into these registries and overrun the memory.

Read More: Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.