Fixed vulnerability in Bitdefender Antivirus Free led to privilege escalation

SafeBreach specialists discovered a vulnerability in the free antivirus Bitdefender Antivirus Free 2020 (the problem was fixed in version 1.0.15.138).

The bug received the identifier CVE-2019-15295 and scored 5.9 points on the CVSS vulnerability rating scale. The vulnerability could be used by an attacker to escalate privileges to the SYSTEM level.

The problem is related to the lack of proper verification of downloadable binaries: it is not checked whether they are signed and downloaded from a trusted location.

“… NT AUTHORITY\SYSTEM, the most privileged user account. This kind of service might be exposed to a user-to-SYSTEM privilege escalation, which is very useful and powerful to an attacker. The executable of the service is signed by BitDefender and if the hacker finds a way to execute code within this process, it can be used as an application whitelisting bypass which can lead to security product evasion”, write SafeBreach specialists.

The vulnerability is directly associated with the ServiceInstance.dll library, which is loaded by the BitDefender update service (updatesrv.exe) and the BitDefender security service (vsserv.exe), both of which are signed by Bitdefender and run with SYSTEM privileges. In turn, ServiceInstance.dll loads the RestartWatchDog.dll library.

Since RestartWatchDog.dll is not loaded safely, the antivirus application does not verify that the library file it loads has been signed. This allows an attacker who has access to a system running Bitdefender Antivirus Free 2020 to plant a malicious version of the library that is loaded instead of the legitimate one.

For the attack to succeed, a user or process with administrator privileges must first change the PATH to include the folder from which the attacker wants the malicious DLL to be loaded. The permissions on that directory must also be set so that a user without administrator rights can write files to it.
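Both preconditions described above (a user-writable directory on the machine-wide PATH, and a DLL in such a directory that carries no valid signature) can be audited from the defender's side. The following PowerShell script is an added example written for this article; it is not code from the article, from SafeBreach or from Bitdefender. The function names Test-UserWritableDirectory and Get-PathDllReport are this example's own, and the list of low-privileged identities is an assumption about which accounts should never hold write rights on a PATH directory.

```powershell
# Added example (not part of the article): audit the machine-wide PATH for
# directories that low-privileged users can write to, and report the
# Authenticode signature state of every DLL found in those directories.
# Function names and the identity list below are this example's own choices.

# Identities that correspond to "a user without administrator rights".
$script:LowPrivilegedIdentities = @(
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE',
    'Everyone'
)

# Only rights that allow creating, replacing or deleting files count as
# "writable"; read/execute bits are deliberately excluded from the mask.
$script:WriteMask = [int]([System.Security.AccessControl.FileSystemRights]::Write -bor
                          [System.Security.AccessControl.FileSystemRights]::Delete -bor
                          [System.Security.AccessControl.FileSystemRights]::ChangePermissions -bor
                          [System.Security.AccessControl.FileSystemRights]::TakeOwnership)

function Test-UserWritableDirectory {
    # Returns $true when any low-privileged identity has an Allow ACE with
    # write-class rights on the directory.
    param([Parameter(Mandatory)][string]$Path)

    $acl = Get-Acl -LiteralPath $Path -ErrorAction Stop
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($script:LowPrivilegedIdentities -notcontains $ace.IdentityReference.Value) { continue }
        if (([int]$ace.FileSystemRights -band $script:WriteMask) -ne 0) { return $true }
    }
    return $false
}

function Get-PathDllReport {
    # Reads the machine-wide PATH (the one services inherit), not just the
    # current session's copy, so an edit made by an administrator is visible.
    param(
        [string[]]$Directories = ([Environment]::GetEnvironmentVariable('Path', 'Machine') -split ';')
    )

    $Directories |
        Where-Object { $_ -and (Test-Path -LiteralPath $_ -PathType Container) } |
        Select-Object -Unique |
        ForEach-Object {
            $dir      = $_
            $writable = Test-UserWritableDirectory -Path $dir
            $dlls     = @(Get-ChildItem -LiteralPath $dir -Filter '*.dll' -File -ErrorAction SilentlyContinue)

            if ($dlls.Count -eq 0) {
                # Still report the directory: a writable, empty PATH entry is
                # exactly where a planted library could appear later.
                [pscustomobject]@{
                    Directory      = $dir
                    UserWritable   = $writable
                    Dll            = $null
                    SignatureState = $null
                    Signer         = $null
                }
                return
            }

            foreach ($dll in $dlls) {
                $sig = Get-AuthenticodeSignature -FilePath $dll.FullName
                [pscustomobject]@{
                    Directory      = $dir
                    UserWritable   = $writable
                    Dll            = $dll.Name
                    SignatureState = $sig.Status   # Valid, NotSigned, HashMismatch, ...
                    Signer         = $sig.SignerCertificate.Subject
                }
            }
        }
}

# Usage: show only the rows that need attention.
Get-PathDllReport |
    Where-Object { $_.UserWritable -or ($_.Dll -and $_.SignatureState -ne 'Valid') } |
    Format-Table -AutoSize
```

The report separates the two conditions on purpose: a writable PATH directory is a configuration defect to fix regardless of what it currently contains, while an unsigned or mismatched DLL in any PATH directory is worth inspecting on its own. Run it from an elevated prompt so Get-Acl can read every directory's ACL.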

“Despite the fact it’s an antivirus, these services are running as non-PPL, which means that CIG (Code Integrity Guard) is not enforced, so unsigned code loading is possible into these processes”, report the researchers.

SafeBreach researchers note that they recently disclosed a very similar vulnerability in Trend Micro’s password manager. It likewise allowed insecure loading of a DLL and let an attacker escalate privileges on the system.

At present, Bitdefender specialists have already fixed the problem by releasing an updated version of their antivirus.
