Panda Antivirus AgentSvc Local Privilege Escalation Exploit

The vulnerable is a Local Privilege Escalation in AgentSvc.exe. This service creates a global section object and a corresponding global event that is signaled whenever a process that writes to the shared memory wants the data to be processed by the service. The vulnerability lies in the weak permissions that are affected to both these objects allowing "Everyone" including unprivileged users to manipulate the shared memory and the event.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2019-12042
Released Date: 
Thursday, May 30, 2019 - 19:00