Vigil@nce - Microsoft Forefront Endpoint Protection 2010, Microsoft System Center Endpoint Protection: privilege escalation via MpSigStub.exe
October 2019 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer/Computer-vulnerability-database-and-alert
SYNTHESIS OF THE VULNERABILITY
– Impacted products: Forefront Endpoint Protection, System Center
Endpoint Protection.
– Severity: 2/4.
– Consequences: privileged access/rights, data deletion.
– Provenance: user shell.
– Confidence: confirmed by the editor (5/5).
– Creation date: 14/08/2019.
DESCRIPTION OF THE VULNERABILITY
An attacker can bypass restrictions via MpSigStub.exe of Microsoft
Forefront Endpoint Protection 2010 or Microsoft System Center
Endpoint Protection, in order to escalate his privileges.
ACCESS TO THE FULL VIGIL@NCE BULLETIN