[FD] McAfee File Lock Driver - Kernel Memory Leak

2016-01-27 Thread Kyriakos Economou
* CVE: CVE-2015-8772 * Vendor: McAfee - Intel Security * Reported by: Kyriakos Economou * Date of Release: 26/01/2016 * Date of Fix: N/A * Affected Products: Multiple * Affected Version: McPvDrv.sys v4.6.111.0 * Fixed Version: N/A Description: McAfee File Lock Driver does not handle correctly

[FD] McAfee File Lock Driver - Kernel Stack Based BOF

2016-01-27 Thread Kyriakos Economou
* CVE: CVE-2015-8773 * Vendor: McAfee - Intel Security * Reported by: Kyriakos Economou * Date of Release: 26/01/2016 * Date of Fix: N/A * Affected Products: Multiple * Affected Version: McPvDrv.sys v4.6.111.0 * Fixed Version: N/A Description: McAfee File Lock Driver does not handle correctly

[FD] NDI5aster – Privilege Escalation through NDIS 5.x Filter Intermediate Drivers

2016-02-04 Thread Kyriakos Economou
NDI5aster – Privilege Escalation through NDIS 5.x Filter Intermediate Drivers ABSTRACT The Network Driver Interface Specification (NDIS) [11] provides a programming interface specification that facilitates from the network driver architecture perspective the communication between a protocol d

[FD] Avast Virtualization Driver - Elevation Of Privileges

2016-02-22 Thread Kyriakos Economou
* CVE: CVE-2015-8620 * Vendor: Avast * Reported by: Kyriakos Economou * Date of Release: 17/02/2016 * Affected Products: Multiple * Affected Version: <= v11.1.2245 * Fixed Version: v11.1.2253 Description: A heap overflow bug in the Avast Virtualization kernel mode driver (aswSnx.sys) allow

[FD] Panda Security Multiple Business Products - Privilege Escalation

2016-04-06 Thread Kyriakos Economou
* CVE: CVE-2016-3943 * Vendor: Panda Security * Reported by: Kyriakos Economou * Date of Release: 05/04/2016 * Affected Products: Multiple * Affected Version: Panda Endpoint Administration Agent < v7.50.00 * Fixed Version: Panda Endpoint Administration Agent v7.50.00 Description: Panda Endpo

[FD] Panda Security 2016 Home User Products - Privilege Escalation

2016-04-06 Thread Kyriakos Economou
* CVE: CVE-2015-7378 * Vendor: Panda Security * Reported by: Kyriakos Economou * Date of Release: 05/04/2016 * Affected Products: Multiple * Affected Version: Panda Security URL Filtering < v4.3.1.9 * Fixed Version: Panda Security URL Filtering v4.3.1.9 Description: All Panda Security 2016 H

[FD] Avast SandBox Escape via IOCTL Requests

2016-04-20 Thread Kyriakos Economou
* CVE: CVE-2016-4025 * Vendor: Avast * Reported by: Kyriakos Economou * Date of Release: 19/04/2016 * Affected Products: Multiple * Affected Version: Multiple * Fixed Version: N/A Description: A design flaw in Avast Sandbox allows a potentially harmful program to escape the sandbox and infect

[FD] CVE-2015-1438 – Panda Security Multiple Products Arbitrary Code Execution

2015-07-10 Thread Kyriakos Economou
CVE: CVE-2015-1438 Vendor: Panda Security Product: Multiple Products Affected version: 1.0.0.13 (PSKMAD.sys driver version) Fixed version: 15.1.0 (Products Version) Reported by: Kyriakos Economou Details: Panda Kernel Memory Access Driver doesn’t validate the size of data to be copied to

[FD] nt!_SEP_TOKEN_PRIVILEGES – Single Write EoP Protect

2017-04-21 Thread Kyriakos Economou
TL;DR: Abusing enabled token privileges through a kernel exploit to gain EoP won’t be enough anymore, as from NT kernel version 10.0.15063 they are ‘checked’ against the privileges present in the token of the calling process. So you will need two writes. URL: http://www.anti-reversing.com/n

[FD] Symantec Encryption Desktop & Endpoint Encryption Local Privilege Escalation - Exploiting an Arbitrary Hard Disk Read/Write Vulnerability Over NTFS

2017-12-01 Thread Kyriakos Economou
Note: These vulnerabilities remain unpatched at the point of publication. We have been working with Symantec to try and help them to fix this since our initial private disclosure in July 2017 (full timeline at the end of this article), however no patch has yet been released. Consequently, we

[FD] Sophos Safeguard Products - Multiple Privilege Escalation Vulnerabilities.

2018-07-06 Thread Kyriakos Economou
We have recently disclosed a list of vulnerabilities to Sophos that allow local attackers to elevate their privileges and execute code in the security context of the SYSTEM user account. Affected Products: SafeGuard Enterprise 8.00.4 and earlier (Fix: install 8.00.5) SafeGuard Easy 7.00.2.35 an

[FD] CVE-2018-8955: Bitdefender GravityZone Arbitrary Code Execution

2018-10-23 Thread Kyriakos Economou
We recently identified a vulnerability in the digitally signed Bitdefender GravityZone installer. The vulnerability allows an attacker to execute malicious code without breaking the original digital signature, and without embedding anything malicious into the installer itself. This means tha

[FD] Symantec Endpoint Security LPE CVE-2019-12750

2019-12-06 Thread Kyriakos Economou
7.html 2. https://labs.nettitude.com/blog/cve-2019-12750-symantec-endpoint-protection-local-privilege-escalation-part-1/ Kyriakos Economou Senior Vulnerability Researcher

[FD] CVE-2019-12750 - Exploitation Write-ups

2019-12-13 Thread Kyriakos Economou
-privilege-escalation-part-2/ Cheers, @kyREcon Kyriakos Economou Senior Vulnerability Researcher