Nettitude discovered a vulnerability in the ‘madCodeHook’ third party library which caused a number of security products, including Cisco AMP and Morphisec Unified Threat Prevention Platform, to contain a local privilege escalation vulnerability. Since the vulnerability originated in a third party library, it is likely to affect other software using that library. The madCodeHook author […]
Author Archive for: Kyriakos Economou
About Kyriakos Economou
This author has yet to write their bio.Meanwhile lets just say that we are proud Kyriakos Economou contributed a whooping 23 entries.
Entries by Kyriakos Economou
In this post we will walk you through a more sophisticated method of exploiting CVE-2019-12750. This is a local privilege escalation vulnerability that affects Symantec Endpoint Protection. The method of exploitation described in this post works, at the time of writing, on all versions of Windows.
A little while ago, I discovered a vulnerability, CVE-2017-18019, affecting a kernel driver of multiple K7 Computing security products, as well as the products of Defenx, both for Windows. Both were affected because they were using the same anti virus engine, and both are now patched. The proof of concept was based on an invalid […]