Privilege Escalation In ESET Products For Windows

Status
Not open for further replies.

lordman

Level 6
Thread author
Verified
Well-known
Apr 18, 2013
255
Versions 5.0 – 7.0 of ESET Smart Security and ESET Endpoint Security products for Windows XP OS allow a low privileged user to execute code as SYSTEM by exploiting a vulnerability in the ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver also mentioned as Personal Firewall module: Build 1183 (20140214) and prior. This is a ‘trusted value vulnerability’ that can be triggered through a specific IOCTL with a specifically crafted buffer, to force the driver to validate an improper IOCTL.

https://www.portcullis-security.com...-downloads/security-advisories/cve-2014-4973/
 
  • Like
Reactions: kiric96
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top