Vigil@nce - Microsoft Forefront Endpoint Protection 2010, Microsoft System Center Endpoint Protection: privilege escalation via MpSigStub.exe
October 2019 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer/Computer...
SYNTHESIS OF THE VULNERABILITY
Impacted products: Forefront Endpoint Protection, System Center
Consequences: privileged access/rights, data deletion.
Provenance: user shell.
Confidence: confirmed by the editor (5/5).
Creation date: 14/08/2019.
DESCRIPTION OF THE VULNERABILITY
An attacker can bypass restrictions via MpSigStub.exe of Microsoft Forefront Endpoint Protection 2010 or Microsoft System Center Endpoint Protection, in order to escalate his privileges.
ACCESS TO THE FULL VIGIL@NCE BULLETIN