A malicious application can take advantage of a vulnerability in Symantec Endpoint Protection to leak privileged information and/or execute code with higher privileges, thus taking full control over the affected host.

Symantec Endpoint Protection v14.x

Symantec Endpoint Protection v12.x

Symantec Endpoint Protection Small Business Edition v12.x

Introduction: Vulnerability Analysis – Methodology

A few months ago, while looking for a local privilege escalation vulnerability in the latest version of the Symantec Endpoint Protection (SEP v14.2 Build 2486) software, we encountered a vulnerability that was hidden for several years. In addition, the latest security updates around the kernel pool allocations that were introduced in Windows 10 v1809 gave us the opportunity to implement a different approach in order to successfully exploit this vulnerability in the latest version currently available, v1909.

Since the two approaches we used are quite different from each other, we decided to split this write-up into two parts. In the first part, we will be discussing the actual bug and how we took advantage of it in earlier Windows versions, Windows 7 to 10 v1803, without additional kernel mode execution control requirements. In the second part, we will go through a more sophisticated approach that required further analysis of the vulnerable products due to the newly introduced Low Fragmentation Heap (LFH) for kernel mode pool allocations, in Windows 10 v1809 onwards, which broke the first exploitation method.