Webroot endpoint agents prior to version v9.0.28.48 did not protect the ā%PROGRAMDATA%\WrData\PKGā directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot service restart to rewrite and hijack dlls in this directory for privilege escalation.
[
{
"product": "Webroot SecureAnywhere",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version v9.0.28.48"
}
]
}
]