Document Title: =============== Reason Core Security v1.2.0.1 - Unqoted Path Privilege Escalation Vulnerability References (Source): ==================== http://ift.tt/2ewOpZi Release Date: ============= 2016-11-14 Vulnerability Laboratory ID (VL-ID): ==================================== 2003 Common Vulnerability Scoring System: ==================================== 4 Product & Service Introduction: =============================== Reason Core Security is an anti-malware program designed by developers HerdProtect. This program is intended for use with your existing antivirus software and acts as a second layer of defense in the event that the malware slips past the real-time protection of your antivirus program. (Copy of the Vendor Homepage: http://ift.tt/1PR6CKZ ) Abstract Advisory Information: ============================== An independent vulnerability laboratory researcher discovered an unquoted service path privilege escalate vulnerability in the Reason Core Security anti-virus software. Vulnerability Disclosure Timeline: ================================== 2016-11-14: Public Disclosure (Vulnerability Laboratory) Discovery Status: ================= Published Affected Product(s): ==================== HerdProtect Product: Reason Core Security - Software 1.2.0.1 Exploitation Technique: ======================= Local Severity Level: =============== Medium Technical Details & Description: ================================ The application suffers from an unquoted search path issue in the official Reason Core Security v1.2.0.1 anti-virus software. The issue allows authorized but unprivileged local users to execute arbitrary code with system privileges on the active system. The attack vector of the vulnerability is local. Proof of Concept (PoC): ======================= The issue can be exploited by local attackers with restricted system user account or network access and without user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue. -- PoC Exploitation
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment