In this post we will walk you through a more sophisticated method of exploiting CVE-2019-12750. This is a local privilege escalation vulnerability that affects Symantec Endpoint Protection. The method of exploitation described in this post works, at the time of writing, on all versions of Windows.
Author Archive for: Kyriakos Economou
About Kyriakos Economou
This author has yet to write their bio.Meanwhile lets just say that we are proud Kyriakos Economou contributed a whooping 22 entries.
Entries by Kyriakos Economou
A little while ago, I discovered a vulnerability, CVE-2017-18019, affecting a kernel driver of multiple K7 Computing security products, as well as the products of Defenx, both for Windows. Both were affected because they were using the same anti virus engine, and both are now patched. The proof of concept was based on an invalid […]
We recently identified a vulnerability in the digitally signed Bitdefender GravityZone installer. The vulnerability allows an attacker to execute malicious code without breaking the original digital signature, and without embedding anything malicious into the installer itself. This means that an appropriately positioned attacker can cause the signed installer to run an arbitrary remotely hosted executable. […]