CVE-2017-5329 Local Privilege Escalation in Terminal Server Agent
Attack Vector LOCAL
Attack Complexity LOW
Confidentiality Impact HIGH
Privileges Required LOW
Integrity Impact HIGH
User Interaction NONE
Availability Impact HIGH
A local privilege escalation vulnerability exists in Terminal Server Agent (ref # PAN-67756 / CVE-2017-5329).
Terminal Server Agent contains a vulnerability that may allow for an out of bounds write. Successful exploitation of this issue may allow an attacker to elevate their permissions.
This issue affects Terminal Server Agent 6.0; Terminal Server Agent 7.0.6 and earlier
|Terminal Server Agent 7.0||<= 7.0.6||>= 7.0.7|
CVSSv3.1 Base Score:7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Terminal Server Agent 7.0.7 and later
Workarounds and Mitigations
Palo Alto Networks would like to thank Parvez Anwar from Verizon for reporting this issue to us.