Elevation of Privilege

SSD Advisory – Windows Installer Elevation of Privileges Vulnerability

TL;DR Vulnerability in Windows Installer allows local users to gain elevated SYSTEM privileges in Windows. Vulnerability Summary Windows Installer is a software component and application programming interface of Microsoft Windows used for the installation, maintenance, and removal of software. Windows Installer suffers from a local privilege escalation allowing a local user to gain SYSTEM on …

SSD Advisory – Windows Installer Elevation of Privileges Vulnerability Read More »

SSD Advisory – Cisco AnyConnect Privilege Elevation through Path Traversal

Vulnerability SummaryThe update functionality of the Cisco AnyConnect Secure Mobility Client for Windows is affected by a path traversal vulnerability that allows local attackers to create/overwrite files in arbitrary locations. Successful exploitation of this vulnerability allows the attacker to gain SYSTEM privileges. CreditAn independent Security Researcher, Yorick Koster, has reported this vulnerability to SSD Secure …

SSD Advisory – Cisco AnyConnect Privilege Elevation through Path Traversal Read More »

?

Get in touch