Weak ACL in Panda Security URL Filtering Allows Local Privilege Escalation

Weak ACL in Panda Security URL Filtering Allows Local Privilege Escalation

CVE-2015-7378 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda_URL_Filteringb.exe.

Learn more about our User Device Pen Test.