I’ve been doing some driver reverse engineering and exploitation since the last webserver. Since then, I have found 4 high-severity CVEs in drivers or programs.

These all lead to privilege escalation from low/medium integrity to high integrity. This product claims 10 million active users and 500 million downloads; that’s hard to believe, though.

This shows two separate privilege escalations in the exact same antivirus. Two entirely different methods, same result.

(Ignore the sounds of the café in the background, lol.)

Here are my GitHub repos for all of these local privilege escalation vulnerabilities:

File Delete Vuln to LPE in AV

DLL search issue in AV

IOBit unlocker driver bypass

I was rewarded with a product code for these vulnerabilities.

wow

Here is the professional writeup I sent that clearly explains all of the issues.

Writeup