High severity7.8NVD Advisory· Published Apr 18, 2016· Updated May 6, 2026

CVE-2016-3943

Description

Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business products for Windows, uses a weak ACL for the Panda Security/WaAgent directory and sub-directories, which allows local users to gain SYSTEM privileges by modifying an executable module.

Affected products

WatchGuard/Panda Endpoint Administration Agent
cpe:2.3:a:watchguard:panda_endpoint_administration_agent:*:*:*:*:*:*:*:*
Range: <=7.49

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/136606/Panda-Endpoint-Administration-Agent-Privilege-Escalation.htmlnvdThird Party AdvisoryVDB Entry
seclists.org/fulldisclosure/2016/Apr/24nvdMailing ListThird Party Advisory
www.exploit-db.com/exploits/39671/nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000