Windows | Core Security

This module exploits an uninitialised stack variable vulnerability in "Fortishield.sys" by calling to DeviceIoControl function using IOCTL 0x220028 and 0x22608C with crafted parameters.

The vulnerability was a buffer overflow in Dokany kernel mode file system driver used by Google.

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated local attacker, to execute arbitrary commands with SYSTEM user privileges.

This module exploits a vulnerability in various ASUS and 3rd party branded utilities. The low level access drivers at the core of these utilities expose dangerous functionality to low privilege processes, a local attacker can read/write arbitrary kernel memory, which can be leveraged to elevate privileges.

This module exploits a vulnerability in various ASROCK utilities. The low level access drivers at the core of these utilities expose dangerous functionality to low privilege processes, a local attacker can read/write arbitrary kernel memory, which can be leveraged to elevate privileges.

A Heap Overflow vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code or crash the DHCP server.

This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.

A stack-based buffer overflow in WECON LeviStudioU Editor allows an attacker to execute arbitrary code via crafted Project file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.

Subscribe to Windows

Privacy Policy

Cookie Policy

Terms of Service

Accessibility

Impressum