Author: Kolja

The DeviceLockDllDrv0.sys kernel driver shipped with Acronis Device Lock allows an unprivileged user to write to an arbitrary kernel address potentially leading to LPE.

The TrackerUpdate process loads libraries from an unsecured location, leading to privilege escalation.

The AppServer service installed with Parallel Client searches for an OpenSSL config file in an unsecured location, which allowed low privileged users to escalate their privileges.

The service `IpOverUsbSvc` installed with the Windows SDK had weak permissions on it's installation folder, which allowed low privileged users to escalate their privileges to `SYSTEM`.

Virtual CloneDrive allows users to mount ISO files and other disk image formats as virtual drives on their computer. Its kernel driver, accessible to low-privileged users, exposes a function that fails to properly validate the privileges of the calling process. This allows creating files at arbitrary locations with full user control, ultimately allowing for privilege escalation to `SYSTEM`.

Trend Micro Apex One is a security product that protects endpoints from malware and detects attacks. The fixed vulnerability enabled attackers with existing access to a system to elevate their privileges to `SYSTEM`.

Webroot Endpoint Protection is a security product that protects endpoints from malware and detects attacks. The fixed vulnerability enabled attackers with existing access to a system to elevate their privileges to `SYSTEM`.

Check Point Harmony is a security product that protects endpoints from malware and detects attacks. The fixed vulnerability enabled attackers with existing access to a system to elevate their privileges to `SYSTEM`.