Privilege Escalation in Panda Security

Status
Not open for further replies.

lordman

Level 6
Thread author
Verified
Well-known
Apr 18, 2013
255
Latest, and possibly earlier builds, of the PavTPK.sys kernel mode driver of Panda Security software suffers from a heap overflow bug that allows any user to elevate their privileges through an IOCTL request and execute code as SYSTEM by controlling the EIP via a corrupted kernel object.

Upon unsuccessful exploitation the system will crash with a BSoD.
This driver is loaded into kernel memory during boot time and stays resident without touching the disk later.

All Panda Security products using the faulty driver were foujnd to be vulnerable.

https://www.portcullis-security.com...-downloads/security-advisories/cve-2014-5307/
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top