An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.
Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges.
Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via multiple IOCTL.
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Sophos SafeGuard Enterprise. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of crafted IOCTL by the lcencvm.sys kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an arbitrary write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel. This module will elevate the privileges of the current agent instead of installing a new one.
The code that implements 3D acceleration for OpenGL graphics in Oracle VirtualBox is prone to multiple memory corruption vulnerabilities. An attacker within a Windows Guest OS can escape from the virtual machine and make a DoS in the VirtualBox process in the Host OS.
This module exploits an uninitialised stack variable vulnerability in "nxfs.sys" by calling to DeviceIoControl function using IOCTL 0x00222014 and 0x00222030 with crafted parameters.
This exploit executes code at a user-defined (local) path as SYSTEM, when the execute_installer parameter is used in an HTTP message. This occurs without properly authenticating the user
This vulnerability allows local attackers to escalate privileges on vulnerable installations of MalwareFox Antimalware. An attacker must first obtain the ability to execute normal privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of crafted IOCTL by the zam64.sys kernel driver. The issue lies in the failure to properly validate user-supplied data which can allows a non-privileged process to register itself. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel. This module will elevate the privileges of the current agent instead of installing a new one.
This module exploits a stack overflow vulnerability in "kwatch3.sys" by calling to IOCTL 0x80030004 function with crafted parameters.
This module exploits a vulnerability in NVIDIA GPU drivers. By abusing a vulnerability in the driver's DxgDdiEscape interface handler, a local attacker can trigger a kernel arbitrary write, which can be leveraged to elevate privileges.
Pagination
- Previous page
- Page 18
- Next page