The Agent for Panda Adaptive Defense 360 is affected by a DLL hijacking vulnerability that could allow an attacker to use a specific service as an execution and/or persistence mechanism that could execute a malicious program each time the service is started.
Vulnerability in Panda Security product
Twitter
LinkedIn
Facebook
CVE
Vulnerability type
Persistence Exploit
Pentester
Florian Hansemann
Publication
01.02.2021
Software version
Agent (<=1.16.11) for Panda Adaptive Defense 360 <= version 8.0.17
Timeline
– 17.11.2020 Seller informs
– 19.11.2020 to 08.12.2020: Technical exchange & questions waiting until February
– 01.02.2021 Disclosure
