Page 2 of 71 results (0.006 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A local privilege escalation vlnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileged. Una vulnerabilidad de escalada de privilegios local en el cliente WatchGuard Mobile VPN con SSL en Windows permite a un usuario local ejecutar comandos arbitrarios con privilegios elevados. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00010 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in WatchGuard AuthPoint Password Manager on MacOS allows an a adversary with local access to execute code under the context of the AuthPoint Password Manager application. This issue affects AuthPoint Password Manager for MacOS versions before 1.0.6. La neutralización incorrecta de elementos especiales utilizados en una vulnerabilidad de comando ("Inyección de comando") en WatchGuard AuthPoint Password Manager en MacOS permite a un adversario con acceso local ejecutar código en el contexto de la aplicación AuthPoint Password Manager. Este problema afecta a AuthPoint Password Manager para versiones de MacOS anteriores a la 1.0.6. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00006 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe. Se descubrió un problema en WatchGuard EPDR 8.0.21.0002. Debido a una implementación débil del manejo de mensajes entre los procesos de WatchGuard EPDR, es posible realizar una escalada de privilegios locales en Windows enviando un mensaje manipulado a un pipe conocido. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00004 • CWE-269: Improper Privilege Management •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user. Se descubrió un problema en WatchGuard EPDR 8.0.21.0002. Debido a una implementación débil de la verificación de contraseña, es posible obtener credenciales para acceder a la consola de administración como usuario sin privilegios. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00007 • CWE-273: Improper Check for Dropped Privileges •

CVSS: 6.7EPSS: 0%CPEs: 8EXPL: 0

An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM. Se descubrió un problema en WatchGuard EPDR 8.0.21.0002. Es posible evitar las capacidades defensivas agregando una clave de registro como SYSTEMA. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00005 • CWE-639: Authorization Bypass Through User-Controlled Key •