Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution

January 29, 2024 at 11:12AM

Two vulnerabilities in WatchGuard and Panda Security products, tracked as CVE-2023-6330 and CVE-2023-6331, could lead to denial of service (DoS) conditions or code execution with system privileges. The flaws were identified in the Panda Kernel Memory Access driver and were addressed in updates for the affected products. Details are available on WatchGuard’s security advisories page.

Key takeaways:

1. Vulnerabilities in WatchGuard and Panda Security products were identified, which could lead to denial of service (DoS) conditions or allow execution of arbitrary code with system privileges.

2. The vulnerabilities were detected in the Panda Kernel Memory Access driver (pskmad_64.sys) that is bundled with WatchGuard EPDR, Panda AD360, and Panda Dome for Windows.

3. The first issue, tracked as CVE-2023-6330, is described as a memory pool overflow defect, while the second security defect, CVE-2023-6331, is an out-of-bounds write issue, both potentially leading to kernel memory overflow.

4. An attacker could exploit these vulnerabilities to achieve code execution, but successful exploitation requires administrative privileges.

5. The vulnerabilities have been addressed with the release of WatchGuard EPDR and Panda AD360 version 8.00.22.0023, as well as Panda Dome version 22.02.01.

6. The updates also resolved an arbitrary kernel memory read flaw in the pskmad_64.sys driver.

7. More information on the patched vulnerabilities can be found on WatchGuard’s security advisories page.
