This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges.

Agnitum Outpost Security Suite is prone to a privilege-escalation vulnerability that affects the acs.exe service server. Attackers can leverage this issue to execute arbitrary code with elevated privileges in the context of the acs.exe service server process.

tbd. This module allows an agent running in the context of AcroRd32.exe with Low Integrity Level/AppContainer Integrity Level to escalate privileges in order to install a new agent that will run with Medium Integrity Level.