This module exploits a vulnerability in Symantec Endpoint Client when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x00222084 handler in the Sysplant.sys device driver in Symantec Endpoint allows local users to overwrite header in kernel pool and execute arbitrary code to obtain system privileges.
CVE Link
Exploit Platform
Exploit Type
Product Name