![]() ![]() We will also touch on the second, which is a trivial arbitrary write with arbitrary content vulnerability. While both vulnerabilities can lead to a full privilege escalation, for the purposes of this blog, we’ll focus on the arbitrary delete vulnerability as it is a bit more complex. ![]() These vulnerabilities have since been disclosed and Intel has issued a fix. The first vulnerability is of an arbitrary file deletion, which is quite common among update-related programs and the second is an easy full privilege escalation vulnerability that allows you to run code as NT AUTHORITY\SYSTEM. This post focuses on two vulnerabilities the CyberArk Labs team uncovered in the Intel Support Assistant that affected the millions of Windows machines that run this software. ![]()
0 Comments
Leave a Reply. |