CNNVD-202507-2028 Information
CNNVD ID
CNNVD-202507-2028
Related CVE
- CNNVD Published: 2025-07-15
Description (Chinese)
Panda Security Antivirus等都是西班牙熊猫安全(Panda Security)公司的产品。Panda Security Antivirus是一套杀毒软件。Panda Security Internet Security是一套基于云技术的杀毒软件。Panda Security Free Antivirus是一款免费的杀毒软件。 Panda Security多款产品存在安全漏洞,该漏洞源于DLL文件加载验证不当,可能导致任意代码执行。以下产品及版本受到影响:Panda Global Protection 2016、Panda Antivirus Pro 2016、Panda Small Business Protection和Panda Internet Security 2016 16.1.2及之前版本。
Description (English)
Panda Security Antivirus and others are products of Panda Security. Panda Security Antivirus is a poison-killing software. Panda Security Internet Security is a cloud-based poison-killing software. Panda Security Free Antivirus is a free-of-charge poison-killing software. There is a safety gap in Panda Security ’ s multiple products, which stems from the inappropriate loading and validation of DLL documents, which could lead to arbitrary code enforcement. The following products and versions were affected: Panda Global Production 2016, Panda Antivirus Pro 2016, Panda Small Business Production and Panda Internet Security 2016 16.1.2 and previous versions.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
熊猫安全
Published
2025-07-15
Last Modified
2026-02-24
References
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/local/panda_psevents.rb http://www.security-assessment.com/files/documents/advisory/Panda%20Security%20-%20Privilege%20Escalation.pdf https://web.archive.org/web/20170415211828/ http://www.pandasecurity.com/uk/support/card?id=100053 https://web.archive.org/web/20160704105329/ https://www.exploit-db.com/exploits/40020 https://www.vulncheck.com/advisories/panda-security-psevents-insecure-dll-loading-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-34109
Share on: