Investigating the Print Spooler EoP exploitation (w/ Yonit Glozshtein)
The 3rd and probably final fix for the Print Spooler never ending bug
SafeBreach Labs
A Decade After Stuxnet’s Printer Vulnerability: Printing is Still the Stairway to Heaven
DEF CON 28, CVE-2020-1048, CVE-2020-1337
A Decade After Stuxnet’s Printer Vulnerability: Printing is Still the Stairway to Heaven
Black Hat USA 2020, CVE-2020-1048, CVE-2020-1337
Intel Rapid Storage Technology Service - DLL Preloading and Potential Abuses (CVE-2019-14568)
SafeBreach Labs, CVE-2019-14568
Acer Quick Access - DLL Search-Order Hijacking and Potential Abuses (CVE-2019-18670)
SafeBreach Labs, CVE-2019-18670
ASUS ATK Package - Unquoted Search Path and Potential Abuses (CVE-2019-19235)
SafeBreach Labs, CVE-2019-19235
Trend Micro Security 16 - DLL Search-Order Hijacking and Potential Abuses (CVE-2019-15628)
SafeBreach Labs, CVE-2019-15628
Autodesk Desktop Application - Privilege Escalation to SYSTEM (CVE-2019-7365)
SafeBreach Labs, CVE-2019-7365
Lenovo System Interface Foundation - DLL Preloading and Potential Abuses (CVE-2019-6189)
SafeBreach Labs, CVE-2019-6189
Comodo Internet Security - DLL Preloading and Potential Abuses (CVE-2019-18215)
SafeBreach Labs, CVE-2019-18215
Code42 Server for Windows - DLL Search-Order Hijacking and Potential Abuses (CVE-2019-16861)
SafeBreach Labs, CVE-2019-16861
TeamViewer Windows Client (v11 to v14) - DLL Preloading and Potential Abuses (CVE-2019-18196)
SafeBreach Labs, CVE-2019-18196
SafeBreach Labs, CVE-2019-5694,CVE-2019-5695
Symantec Endpoint Protection - Self-Defense Bypass and Potential Usages (CVE-2019-12758)
SafeBreach Labs, CVE-2019-12758
McAfee - All Editions (MTP, AVP, MIS) - Self-Defense Bypass and Potential Usages (CVE-2019-3648)
SafeBreach Labs, CVE-2019-3648
Amazon Workspaces - Unquoted Search Path and Potential Abuses
SafeBreach Labs
Maxthon Browser for Windows - Unquoted Search Path and Potential Abuses (CVE-2019-16647)
SafeBreach Labs, CVE-2019-16647
Avast Antivirus / AVG Antivirus - DLL Preloading into PPL and Potential Abuses (CVE-2019-17093)
SafeBreach Labs, CVE-2019-17093
Avira Antivirus 2019 (4 Services) - DLL Preloading and Potential Abuses (CVE-2019-17449)
SafeBreach Labs, CVE-2019-17449
HP Touchpoint Analytics - DLL Search-Order Hijacking - Potential Abuses (CVE-2019-6333)
SafeBreach Labs, CVE-2019-6333
Forcepoint VPN Client for Windows - Unquoted Search Path and Potential Abuses (CVE-2019-6145)
SafeBreach Labs, CVE-2019-6145
Check Point Endpoint Security Initial Client for Windows - Privilege Escalation to SYSTEM
SafeBreach Labs, CVE-2019-8461
BitDefender Antivirus Free 2020 - Privilege Escalation to SYSTEM
SafeBreach Labs, CVE-2019-15295
Trend Micro Password Manager - Privilege Escalation to SYSTEM
SafeBreach Labs, CVE-2019-14684
OEM Software Puts Multiple Laptops At Risk (Dell SupportAssist)
SafeBreach Labs, CVE-2019-12280