A vulnerability has been detected in Panda AdminSecure communications infrastructure that affects Panda Security for Business and Panda Security for Enterprise products.
The vulnerability has been located in the Panda Agent process (Pagent.exe).
When exploited, this vulnerability could allow an attacker to execute remote code. Hackers do not need specific user permissions to exploit this vulnerability.
Hotfix HAS_4_50_00_0032.exe has been developed to resolve this situation in Panda AdminSecure Communications Agent component.
In order to solve the issue, upgrade to the latest version of AdminSecure and apply the specific hotfix developed for the incident.
Our thanks to Andrea Micalizzi (aka rgod) and HP's Zero Day Initiative for responsibly disclosing this vulnerability.