The Key to COMpromise - Abusing a TOCTOU race to gain SYSTEM, Part 2
In joined research between cirosec and Neodyme several vulnerabilities were found in Antivirus (AV) and Endpoint Detection and Response (EDR) products that could, in theory, allow privilege escalation to SYSTEM on millions of devices, assuming initial access was gained.
In part two of this blog series we demonstrate how COM hijacking was leveraged to gain SYSTEM privileges for exploiting AVG Internet Security (CVE-2024-6510 ) to gain privileges.
Find out more on our website at https://cirosec.de/en/news/the-key-to-compromise-part-2/.
#itsecurity #cybersecurity #itsicherheit #research #blog #vulnerabilities
In joined research between cirosec and Neodyme several vulnerabilities were found in Antivirus (AV) and Endpoint Detection and Response (EDR) products that could, in theory, allow privilege escalation to SYSTEM on millions of devices, assuming initial access was gained.
In part two of this blog series we demonstrate how COM hijacking was leveraged to gain SYSTEM privileges for exploiting AVG Internet Security (CVE-2024-6510 ) to gain privileges.
Find out more on our website at https://cirosec.de/en/news/the-key-to-compromise-part-2/.
#itsecurity #cybersecurity #itsicherheit #research #blog #vulnerabilities
The Key to COMpromise - Part 2 - cirosec
January 29, 2025 - In this post, we will delve into how we exploited trust in AVG Internet Security (CVE-2024-6510 ) to gain elevated privileges.ne@cirosec.de (cirosec)
