EUVD-2020-23732

Malware in sbrugna...

EUVD-2018-4940

Malware in sbrugna...

CVE-2020-36154

The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the "%SYSTEMDRIVE%\Pearson VUE" directory, which allows local users to obtain administrative privileges via a Trojan horse application...

Microsoft named a Leader in the 2022 Gartner® Magic Quadrant™ for Security Information and Event Management

Security operations teams are overwhelmed trying to protect their organizations against an onslaught of cyberattacks, including a 92 percent rise in ransomware attacks.1 Too often, existing security tools are siloed or not designed to meet the needs of today’s hybrid cloud environment. The result...

CVE-2020-36154

The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the "%SYSTEMDRIVE%\Pearson VUE" directory, which allows local users to obtain administrative privileges via a Trojan horse application...

CVE-2020-36154

The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the "%SYSTEMDRIVE%\Pearson VUE" directory, which allows local users to obtain administrative privileges via a Trojan horse application...

CVE-2020-36154

The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the "%SYSTEMDRIVE%\Pearson VUE" directory, which allows local users to obtain administrative privileges via a Trojan horse application...

Design/Logic Flaw

The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the "%SYSTEMDRIVE%\Pearson VUE" directory, which allows local users to obtain administrative privileges via a Trojan horse application...

CVE-2020-36154

The CVE concerns Pearson VUE VTS Installer 2.3.1911 where the Application Wrapper grants Full Control to Everyone in the %SYSTEMDRIVE%\Pearson VUE directory. This permission setup enables local users to escalate privileges via a Trojan horse application and obtain administrative rights. The avail...

CVE-2020-36154

The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the "%SYSTEMDRIVE%\Pearson VUE" directory, which allows local users to obtain administrative privileges via a Trojan horse application...

Pearson Vue VTS Installer Security Vulnerability

Pearson Vue VTS Installer is an exam system installer from Pearson Vue USA. A security vulnerability exists in Pearson VUE VTS Installer 2.3.1911, which allows local users to gain administrative privileges via a Trojan horse...

Pearson Vue VTS 2.3.1911 Installer - VUEApplicationWrapper Unquoted Service Path Vulnerability

Exploit Title: Pearson Vue VTS 2.3.1911 Installer - VUEApplicationWrapper Unquoted Service Path Discovery by: Jok3r Vendor Homepage: https://home.pearsonvue.com/ Software Link: https://vss.pearsonvue.com/VSSFiles/Documents/ENUTCInstallGuide/DownloadVTSInstaller.htm Tested Version: 2.3.1911...

Pearson Vue VTS 2.3.1911 Installer - VUEApplicationWrapper Unquoted Service Path

Exploit Title: Pearson Vue VTS 2.3.1911 Installer - VUEApplicationWrapper Unquoted Service Path Discovery by: Jok3r Discovery Date: 2020-09-14 Vendor Homepage: https://home.pearsonvue.com/ Software Link: https://vss.pearsonvue.com/VSSFiles/Documents/ENUTCInstallGuide/DownloadVTSInstaller.htm Test...

Pearson Vue VTS 2.3.1911 Installer - (VUEApplicationWrapper) Unquoted Service Path Vulnerability

Exploit Title: Pearson Vue VTS 2.3.1911 Installer - 'VUEApplicationWrapper' Unquoted Service Path Discovery by: Jok3r Vendor Homepage: https://home.pearsonvue.com/ Software Link: https://vss.pearsonvue.com/VSSFiles/Documents/ENUTCInstallGuide/DownloadVTSInstaller.htm Tested Version: 2.3.1911...

Pearson Vue VTS 2.3.1911 Unquoted Service Path

Exploit Title: Pearson Vue VTS 2.3.1911 Installer - 'VUEApplicationWrapper' Unquoted Service Path Discovery by: Jok3r Discovery Date: 2020-09-14 Vendor Homepage: https://home.pearsonvue.com/ Software Link: https://vss.pearsonvue.com/VSSFiles/Documents/ENUTCInstallGuide/DownloadVTSInstaller.htm...

Pearson Vue VTS 2.3.1911 Installer - 'VUEApplicationWrapper' Unquoted Service Path

Exploit Title: Pearson Vue VTS 2.3.1911 Installer - 'VUEApplicationWrapper' Unquoted Service Path Discovery by: Jok3r Discovery Date: 2020-09-14 Vendor Homepage: https://home.pearsonvue.com/ Software Link: https://vss.pearsonvue.com/VSSFiles/Documents/ENUTCInstallGuide/DownloadVTSInstaller.htm...

home.pearsonvue.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1173108 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Input validation

The report-viewing feature in Pearson VUE Certiport Console 8 and IQSystem 7 before 2018-06-26 mishandles child processes and consequently launches Internet Explorer or Microsoft Edge as Administrator, which allows local users to gain privileges...

CVE-2018-12989

The report-viewing feature in Pearson VUE Certiport Console 8 and IQSystem 7 before 2018-06-26 mishandles child processes and consequently launches Internet Explorer or Microsoft Edge as Administrator, which allows local users to gain privileges...

CVE-2018-12989

The CVE-2018-12989 vulnerability affects Pearson VUE Certiport Console 8 and IQSystem 7 prior to 2018-06-26. The root cause is mishandling of child processes, which causes Internet Explorer or Microsoft Edge to be launched with Administrator privileges, enabling local privilege escalation. Public...