CVE
Vulnerable Software
Agent (<=1.16.11) for Panda Adaptive Defense 360 <= Version 8.0.17
Vulnerability
The Agent for Panda Adaptive Defense 360 is affected by a DLL hijacking vulnerability that could allow an attacker to use a specific service as an execution and/or persistence mechanism which could execute a malicious program each time the service is started.
Timeline
- 17.11.2020 Vendor informed
- 19.11.2020 – 08.12.2020 technical exchange & question to wait until february
- 01.02.2021 Disclosure