CVE-2024-13043Link Following in Security Dome

CWE-59Link Following3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 82.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Panda Security DomeWatchguard Panda Dome
Timeline
PublishedDec 30

Description

Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Hotspot Shield. By creating a junction, an attacker can abuse the application to delete arbitrary files. An attacker can leverage this vu

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5panda_security/dome22.02.01
NVDwatchguard/panda_dome22.02.01

🔴Vulnerability Details

2
CVEList
Panda Security Dome Link Following Local Privilege Escalation Vulnerability2024-12-30
GHSA
GHSA-mm9p-gqvv-gr69: Panda Security Dome Link Following Local Privilege Escalation Vulnerability2024-12-30
CVE-2024-13043 — Link Following in Panda Security Dome | cvebase