728 matches found
The vulnerability of the CDPSvc service of the Windows operating system, which allows a hacker to escalate their privileges
The vulnerability of the CDPSvc service for connected user devices in the Windows operating system is related to object handling errors in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...
The vulnerability of the CDPSvc service of the Windows operating system, which allows a hacker to escalate their privileges
The vulnerability of the CDPSvc service for connected user devices in the Windows operating system is related to object handling errors in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...
The vulnerability of the CDPSvc service of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the CDPSvc service for connected user devices in the Windows operating system is related to object handling errors in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...
The vulnerability of the CDPSvc service of the Windows operating system, which allows a hacker to escalate their privileges
The vulnerability of the CDPSvc service for connected user devices in the Windows operating system is related to object handling errors in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...
shadowbroker
This repository, Zam-0703/shadowbroker, contains a collection of exploits and tools for various vulnerabilities. The repository was created by the Shadow Brokers, a group known for releasing stolen NSA hacking tools. The repository includes exploits for several vulnerabilities, including:...
CVE-2017-6371
Synchronet BBS 3.16c for Windows allows remote attackers to cause a denial of service service crash via a long string in the HTTP Referer header...
shadowbroker
This repository, bahuwang/shadowbroker, contains a collection of exploits and tools leaked by the Shadow Brokers, a group known for releasing sensitive information. The repository includes a README file that lists the contents of the repository, which includes various exploit modules and tools...
Windscribe WindscribeService Named Pipe Privilege Escalation
The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \.\pipe\WindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names,...
Memhunter - Live Hunting Of Code Injection Techniques
Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, improving the threat hunter analysis process and remediation times. The tool detects and reports memory-resident malware living on endpoint processes. Memhunter detects known malicious memory injection...
Threat Analysis Unit (TAU) Threat Intelligence Notification: Snatch Ransomware
During the end of the year 2019, a ransomware named ‘Snatch” was discovered. Snatch ransomware will force Windows to reboot in Safe Mode where most of the software and system drivers will not be running in order to perform the file encryption process. Similar to the other variants of ransomware, ...
CVE-2019-19460
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...
CVE-2019-19460
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...
CVE-2019-19460
SALTO ProAccess SPACE 5.4.3.0 is affected by CVE-2019-19458 (Directory Traversal in Data Export) and CVE-2019-19459 (arbitrary file writes and command execution on the server). These flaws allow an attacker to write arbitrary content to arbitrary files, with exploitation demonstrated against the ...
SALTO ProAccess SPACE 5.5 Traversal / File Write / XSS / Bypass
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Critical Vulnerabilities product: SALTO ProAccess SPACE vulnerable version: = v5.6 CVE number: CVE-2019-19457, CVE-2019-19458, CVE-2019-19459, CVE-2019-19460...
TeamViewer Code Issues Vulnerabilities
TeamViewer is a suite of software for remote control, desktop sharing and file transfer from the German company TeamViewer. A code issue vulnerability exists in Windows Service in TeamViewer Windows, which can be exploited by an attacker to execute code on a target system by creating a file into...
CVE-2019-18196
A DLL side loading vulnerability in the Windows Service in TeamViewer versions up to 11.0.133222 fixed in 11.0.214397, 12.0.181268 fixed in 12.0.214399, 13.2.36215 fixed in 13.2.36216, and 14.6.4835 fixed in 14.7.1965 on Windows could allow an attacker to perform code execution on a target system...
CVE-2019-18196
A DLL side loading vulnerability in the Windows Service in TeamViewer versions up to 11.0.133222 fixed in 11.0.214397, 12.0.181268 fixed in 12.0.214399, 13.2.36215 fixed in 13.2.36216, and 14.6.4835 fixed in 14.7.1965 on Windows could allow an attacker to perform code execution on a target system...
Juicy Potato - A Sugared Version Of RottenPotatoNG, With A Bit Of Juice, I.E. Another Local Privilege Escalation Tool, From A Windows Service Accounts To NT AUTHORITY\SYSTEM
A sugared version ofRottenPotatoNG, with a bit of juice, i.e. another LocalPrivilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM Summary RottenPotatoNG and its variants leverages the privilege escalation chain based on BITS service having the MiTM listener on...
CVE-2019-12572
A vulnerability in the London Trust Media Private Internet Access PIA VPN Client 1.0.2 build 02363 for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. On startup, the PIA Windows service pia-service.exe loads the OpenSSL library from...
Hidden Bee: Let’s go down the rabbit hole
Some time ago, we discussed the interesting malware, Hidden Bee. It is a Chinese miner, composed of userland components, as well as of a bootkit part. One of its unique features is a custom format used for some of the high-level elements this format was featured in my recent presentation at SAS...