Vendor: Outpost Security Suite Pro
By: Ahmad Moghimi
CVSS: 7.2 (HIGH)
Type: Privilege Escalation
CWE: 269
Product Name: Outpost Security Suite Pro
Affected Version From: 8.1
Affected Version To: 8.1
Patch Exists: YES
Related CWE: NO-CVE
CPE: a:agnitum:outpost_security_suite_pro
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2013

Agnitum Outpost security suite privilege escalation – 0Day

Ahmad Moghimi discovered a privilege escalation vulnerability in Agnitum Outpost security suite. The vulnerability exists due to the lack of proper validation of user-supplied input when registering a DLL file. An attacker can exploit this vulnerability by registering a malicious DLL file with Regsvr32.exe and then running the exploit.exe file. This will allow the attacker to gain elevated privileges on the system.

Mitigation:

Users should update to the latest version of Agnitum Outpost security suite to mitigate this vulnerability.

Exploit-DB raw data:

# Exploit Title: Agnitum Outpost security suite privilege escalation - 0Day
# Date: 2013-08-02
# Exploit Author: Ahmad Moghimi (http://mallocat.com, https://twitter.com/mall0cat)
# Vendor Homepage: http://www.agnitum.com/
# Software Link: http://dl2.agnitum.com/OutpostSecuritySuiteProInstall.exe
# Version: 8.1 Latest build
# Tested on: windows
# CVE : NO-CVE

Reference: http://mallocat.com/a-journey-to-antivirus-escalation/
Demo: http://mallocat.com/wp-content/uploads/2013/08/win7.swf
Exploit code: http://mallocat.com/wp-content/uploads/2013/08/escalate.7z
              https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/27282.7z

Exploit-DB note:
Open and read the reference supplied

From low privileged account
#1) Register Regsvr32.exe /s C:\Program Files\agnitum\Outpost Security Suite Pro\..\..\..\x.dll
#2) Run exploit.exe
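
Detection-side example, added here and not part of the original advisory or the author's exploit code: it flags regsvr32 command lines whose DLL path is written under a monitored directory but resolves outside it once the `..` segments are collapsed, which is the shape of the command in step #1. The monitored-directory list, the sample command lines and all function names are constructed for illustration; the input is assumed to be process-creation command lines from whatever logging is in place.

```python
import ntpath
import re

# Directory taken from step #1 on this page; add others you want watched.
MONITORED_DIRS = [r"C:\Program Files\agnitum\Outpost Security Suite Pro"]
# regsvr32 switches that may precede the DLL path: /s /u /n /i[:cmdline]
_SWITCH = re.compile(r"^[/-](?:s|u|n|i(?::\S*)?)$", re.IGNORECASE)

# Constructed process-creation command lines (not real telemetry).
SAMPLE_EVENTS = [
    r"Regsvr32.exe /s C:\Program Files\agnitum\Outpost Security Suite Pro\..\..\..\x.dll",
    r'regsvr32.exe /s "C:\Program Files\agnitum\Outpost Security Suite Pro\plugins\..\sample.dll"',
    r"regsvr32 /s C:\Windows\System32\example.dll",
    r"notepad.exe C:\Users\alice\notes.txt",
]

def dll_argument(cmdline):
    """Return the DLL path of a regsvr32 command line, or None for other programs."""
    tokens = cmdline.split()
    if not tokens or ntpath.basename(tokens[0].strip('"')).lower() not in ("regsvr32", "regsvr32.exe"):
        return None
    # The path may be unquoted and contain spaces (as in step #1), so rejoin it.
    rest = [t for t in tokens[1:] if not _SWITCH.match(t)]
    return " ".join(rest).strip('"') or None

def is_under(path, directory):
    """Case-insensitive 'path is directory or lies below it' on Windows-style paths."""
    path, directory = path.lower(), directory.lower().rstrip("\\")
    return path == directory or path.startswith(directory + "\\")

def classify(cmdline, monitored=MONITORED_DIRS):
    """Flag a DLL path written under a monitored directory that resolves outside it."""
    raw = dll_argument(cmdline)
    if raw is None:
        return None
    raw = raw.replace("/", "\\")
    resolved = ntpath.normpath(raw)  # collapses '..' lexically, no filesystem access
    for d in monitored:
        if is_under(raw, d) and not is_under(resolved, d):
            return {"written_under": d, "resolves_to": resolved}
    return None

def scan(events):
    """Return (command line, finding) pairs for every flagged event."""
    return [(e, f) for e in events if (f := classify(e)) is not None]

if __name__ == "__main__":
    for event, finding in scan(SAMPLE_EVENTS):
        print(f"ALERT {finding['resolves_to']!r} <- {event}")
```

The comparison is purely lexical, so a path that stays inside the monitored directory after normalization (the second sample) is not flagged.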