Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event Global\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system service AgentSvc.exe, which leads to privilege escalation when the CmdLineExecute event is queued. This affects Panda Antivirus, Panda Antivirus Pro, Panda Dome, Panda Global Protection, Panda Gold Protection, and Panda Internet Security.
References
Link | Resource |
---|---|
https://github.com/SouhailHammou/Panda-Antivirus-LPE | Exploit Third Party Advisory |
https://rce4fun.blogspot.com/2019/05/panda-antivirus-local-privilege.html | Exploit Third Party Advisory |
https://www.pandasecurity.com/usa/support/card?id=100063 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-05-23T13:30:44
Updated: 2019-05-23T13:30:44
Reserved: 2019-05-13T00:00:00
Link: CVE-2019-12042
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-05-23T14:29:07.673
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-12042
JSON object: View
Redhat Information
No data.
CWE