Author: Kolja

The service `IpOverUsbSvc` installed with the Windows SDK had weak permissions on it's installation folder, which allowed low privileged users to escalate their privileges to `SYSTEM`.

Virtual CloneDrive allows users to mount ISO files and other disk image formats as virtual drives on their computer. Its kernel driver, accessible to low-privileged users, exposes a function that fails to properly validate the privileges of the calling process. This allows creating files at arbitrary locations with full user control, ultimately allowing for privilege escalation to `SYSTEM`.

Trend Micro Apex One is a security product that protects endpoints from malware and detects attacks. The fixed vulnerability enabled attackers with existing access to a system to elevate their privileges to `SYSTEM`.

Webroot Endpoint Protection is a security product that protects endpoints from malware and detects attacks. The fixed vulnerability enabled attackers with existing access to a system to elevate their privileges to `SYSTEM`.

Check Point Harmony is a security product that protects endpoints from malware and detects attacks. The fixed vulnerability enabled attackers with existing access to a system to elevate their privileges to `SYSTEM`.

Bitdefender Total Security is a security product that protects endpoints from malware and detects attacks. The fixed vulnerability enabled attackers with existing access to a system to elevate their privileges to `SYSTEM`.

AVG Internet Security is a security product that protects endpoints from malware. The fixed vulnerability enabled attackers with existing access to a system to elevate their privileges to `SYSTEM`.