147 matches found
PT-2021-3830 · Microsoft · Windows Services For Nfs +1
Name of the Vulnerable Software and Affected Versions: Windows Services for NFS affected versions not specified Description: The issue is related to insufficient protection of service data, which can be exploited by a remote attacker to gain unauthorized access to protected information. This can...
TChopper - Conduct Lateral Movement Attack By Leveraging Unfiltered Services Display Name To Smuggle Binaries As Chunks Into The Target Machine
New technique I have discovered recently and give it a nickname Chop chop to perform lateral movement using windows services display name and WMI by smuggling the malicious binary as base64 chunks and automate the process using the TChopper tool. How it works the tool will get the file you willin...
Vulnerability of the Services and Controller applications on Windows operating systems, allowing attackers to increase their privileges
The vulnerability of the Services and Controller applications for Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2021-27086
Windows Services and Controller App Elevation of Privilege Vulnerability...
Privilege escalation
Windows Services and Controller App Elevation of Privilege Vulnerability...
Windows Services and Controller App Elevation of Privilege Vulnerability
...
KLA12139 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of...
CVE-2020-24676 Insecure Windows Services in Symphony Plus
In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged but authenticated user could execute arbitrary code and result in privilege escalation, depending on the user that the service runs as...
CVE-2020-8258
Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, allows an attacker to modify arbitrary files...
McAfee Active Response (MAR) Security Feature Issue Vulnerability
McAfee Active Response is an endpoint detection and response tool for security threats from McAfee, USA. The product supports features such as quick access to threat data, threat alerts and centralized management.Microsoft Windows is a desktop operating system from Microsoft Corporation, USA. A...
Security Bulletin: CVE-2020-2590 (deferred from Oracle Jan 2020 CPU)
Summary Steps to update Java for QMF Workstation & QMF Vision Vulnerability Details CVEID: CVE-2020-2590 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Security component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact,...
Security Bulletin: SBB0002796
Summary Steps to update Java - QMF Workstation & QMF Vision Vulnerability Details CVEID: CVE-2019-4732 DESCRIPTION: IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute...
Security Bulletin: SB0003749
Summary Steps to update Java - QMF for Workstation and QMF Vision Vulnerability Details CVEID: CVE-2019-2949 DESCRIPTION: An unspecified vulnerability in Java SE related to the Kerberos component could allow an unauthenticated attacker to obtain sensitive information resulting in a high...
Vulnerability of Connected User Experience and Telemetry Service functions in Microsoft Windows operating systems, allowing attackers to induce service failures.
The vulnerability of the Connected User Experience and Telemetry Service services in Microsoft Windows operating systems is related to insufficient verification of permission assignment for critical resources. Exploiting this vulnerability can allow attackers to cause service failures...
CVE-2020-1268
An information disclosure vulnerability exists when a Windows service improperly handles objects in memory, aka 'Windows Service Information Disclosure Vulnerability'...
Veeam Guest Catalog Service does not start after upgrade
Challenge After a consecutive upgrade of Veeam Backup & Replication and Enterprise Manager to a newer version, VeeamCatalogSvc fails to start if the EM database is located on a remote server. Cause The account that is used to start VeeamCatalogSVC might not have access to the Veeam Enterprise...
CB TAU Threat Intelligence Notification – MegaCortex Ransomware
MegaCortex is a unique form of ransomware that was initially discovered earlier this year. It proved to be a very complex form of malware that required additional steps of operation that were only recoverable during incident responses. Since then, MegaCortex has been updated to become more generi...
CB TAU Threat Intelligence Notification: RobbinHood Ransomware Stops 181 Windows Services Before Encryption
According to source articles, RobbinHood ransomware has been discovered and it will stop 181 Windows services prior to the encryption taking place. It is thought that the ransomware might not be distributed through a typical spam campaign, but instead via other methods such as hacked remote deskt...
Zerodium Offers $500K for Secure Messaging App Zero Days
Zerodium, a vendor operating in the nebulous exploit acquisition market, has put a premium on zero-day vulnerabilities in secure messaging applications in a new pricing structure announced today. Remote code execution and local privilege elevation zero days in messaging apps such as WhatsApp,...
Carbanak Attackers Devise Clever New Persistence Trick
Hackers behind the Carbanak criminal gang have devised a clever way to gain persistence on targeted systems to more effectively pull off financially motivated crimes. The technique involves creating a bogus instance of a Microsoft Windows app compatibility feature. On Wednesday, Mandiant, FireEye...