Pandasecurity Panda Dome vulnerabilities
6 known vulnerabilities affecting pandasecurity/panda_dome.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH5
Vulnerabilities
Page 1 of 1
CVE-2024-7245HIGHCVSS 7.8v22.02.012024-11-22
CVE-2024-7245 [HIGH] CWE-732 CVE-2024-7245: Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability. Th
Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The spe
nvd
CVE-2024-7241HIGHCVSS 7.8v22.02.012024-11-22
CVE-2024-7241 [HIGH] CWE-59 CVE-2024-7241: Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allo
Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists with
nvd
CVE-2024-7244HIGHCVSS 7.8v22.02.012024-11-22
CVE-2024-7244 [HIGH] CWE-427 CVE-2024-7244: Panda Security Dome VPN DLL Hijacking Local Privilege Escalation Vulnerability. This vulnerability a
Panda Security Dome VPN DLL Hijacking Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists
nvd
CVE-2024-7243HIGHCVSS 7.8v22.02.012024-11-22
CVE-2024-7243 [HIGH] CWE-59 CVE-2024-7243: Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allo
Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists with
nvd
CVE-2024-7242HIGHCVSS 7.8v22.02.012024-11-22
CVE-2024-7242 [HIGH] CWE-59 CVE-2024-7242: Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allo
Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists with
nvd
CVE-2019-12042CRITICALCVSS 9.8fixed in 18.07.032019-05-23
CVE-2019-12042 [CRITICAL] CWE-732 CVE-2019-12042: Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event Global
Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event Global\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system service AgentSvc.exe, which leads to privilege escalation when the CmdLineExecute event is queued. T
nvd