InvestorsHub Logo
Boards
News
Market Data
Markets
Discover
Discover
Subscribe Login/Register
S&P 500
5,619.22
(
0.76%
)
US TECH 100
20,085.63
(
0.88%
)
Dow Jones
39,547.60
(
0.65%
)
Brent Oil
84.96
(
0.31%
)
Bitcoin
57,418.18
(
-1.04%
)
Post# of 249226
Next 10
Reply Private New
Public Reply Private Reply New Post
Keep Last Read
Keep Next 10 Report Keyboard Shortcuts
Next 10 Prev Next

Genz2

Send PM Follow Ignore
Followers 5
Posts 2824
Boards Moderated 0
Alias Born 09/06/2006

Genz2

Re: None

Sunday, 10/18/2020 6:42:48 PM

Sunday, October 18, 2020 6:42:48 PM

Post# of 249226
CyberArk Discover Numerous Vulnerabilities In Popular Antivirus Solutions

https://latesthackingnews.com/2020/10/09/cyberark-discover-numerous-vulnerabilities-in-popular-antivirus-solutions/

Researchers from CyberArk Labs have found serious vulnerabilities in multiple antivirus solutions. Briefly, they found privilege escalation bugs in these programs that exposed the devices to cyber threats. Vulnerabilities in antimalware products are significantly threatening since these programs usually run with high privileges, often at the admin level. Hence, any bugs here, especially the privilege escalation found by CyberArk, could give elevated access to an adversary.

Briefly, the researchers observed that in most cases, the issues existed because of the default DACLs of the C:\ProgramData directory. This director, on Windows, is accessible by all users, unlike the %LocalAppData% that specifies to the logged-in user only. It means any user can read/write files in ProgramData and will have full control of the data present here. Thus, any process created by a non-privileged user that a privileged user executes later will give rise to security issues. Such exploitation could allow for symlink attacks, whilst deleting arbitrary files and point to malicious files. Also, they found DLL hijacking flaw affecting some antivirus programs. Technical details about these vulnerabilities are available in the researchers’ post. Whereas, following is the list of all programs that had the vulnerabilities, with the respective CVEs. Kaspersky: CVE-2020-25045, CVE-2020-25044, CVE-2020-25043 Trend Micro: CVE-2019-19688, CVE-2019-19689 +3 Symantec: CVE-2019-19548 McAfee: CVE-2020-7250, CVE-2020-7310 Checkpoint: CVE-2019-8452 Fortinet: CVE-2020-9290 Avira: CVE-2020-13903 Microsoft: CVE-2019-1161 Avast + F-Secure: Waiting for Mitre

Please see the link for the rest of the article.
=================================================================
Wave Endpoint Monitor sounds better and better!!!

=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!









Public Reply Private Reply New Post
Keep Last Read
Keep Last Read Next 10 Report Keyboard Shortcuts
Next 10 Prev Next

Join the InvestorsHub Community

Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.

Sign Up