Nettitude Blog

Panda Security Multiple Business Products - Privilege Escalation

Posted by Kyriakos Economou on Apr 5, 2016 12:00:32 PM
  • CVE: CVE-2016-3943
  • Vendor: Panda Security
  • Reported by: Kyriakos Economou
  • Date of Release: 05/04/2016
  • Affected Products: Multiple
  • Affected Version: Panda Endpoint Administration Agent < v7.50.00
  • Fixed Version: Panda Endpoint Administration Agent v7.50.00


Panda Endpoint Administration Agent v7.30.2 allows a local attacker to elevate his privileges from any account type (guest included) and execute code as SYSTEM, thus completely compromising the affected host.

Affected Products:

Any Panda Security For business products for Windows using this agent service are vulnerable.

Technical Details:

Upon installing some Panda Security for business products for Windows, such as Panda Endpoint Protection/Plus, a service named as 'Panda Endpoint Administration Agent' is installed in the host. This service runs under the SYSTEM account.

However, due to weak ACLs set to the installation directory ("C:\Program Files\Panda Security\WaAgent") of this application and its subdirectories, any user can modify or overwrite any executable module (dynamic link libraries and executables) installed in those directories.


A local attacker can elevate his privileges from any user account and execute code as SYSTEM.

Disclosure Log:

Vendor Contacted: 12/01/2016
Public Disclosure: 05/04/2016


Copyright © Nettitude Limited 2016, All rights reserved worldwide.


The information herein contained may change without notice. Any use of this information is at the user’s risk and discretion and is provided with no warranties. Nettitude and the author cannot be held liable for any impact resulting from the use of this information.

To contact Nettitude’s editor, please email

Topics: Security Blog, Uncategorized

About Nettitude

Nettitude is the trusted cyber security provider to thousands of businesses around the world. We stop at nothing to keep your data and business secure in an age of ever-evolving cyber threats.

In 2018, Nettitude became part of Lloyd’s Register, an 8,000 person strong professional services organisation, with 300 years of heritage in safety and risk management. Nettitude now provides true global coverage, through a network of over 180 offices strategically placed around the globe.

Subscribe Here!

Recent Posts