7.8
CVSSv3

CVE-2024-13043

CVSSv4: NA | CVSSv3: 7.8 | CVSSv2: NA | VMScore: 880 | EPSS: 0.00043 | KEV: Not Included
Published: 30/12/2024 Updated: 03/01/2025

Vulnerability Summary

Panda Security Dome Local Privilege Escalation Vulnerability via Junction Abuse

Panda Security Dome has a local privilege escalation vulnerability. Local attackers can use this to gain higher privileges on affected systems. To exploit this issue, an attacker needs to run low-privileged code on the system first. The problem lies in Hotspot Shield. An attacker can make a junction to delete any files using the application. This lets the attacker escalate privileges and run any code as SYSTEM. It was identified as ZDI-CAN-23478.

Vulnerable Product Search on Vulmon Subscribe to Product

watchguard panda dome 22.02.01