Advanced Search
Search Results
41 total results found
PowerISO 9.3.0.0 Kernel Driver 6.9.0.0 Local Privilege Escalation via Arbitrary Registry Write or Deletion
Summary PowerISO 9.3 installs the signed kernel driver scdemu.sys. When loaded, the driver creates user-visible virtual CD device links such as \\.\SCDEmuDev0. Two registry helper IOCTLs are reachable from a standard user: 0x80002018: writes or deletes a c...
Ultra RAMDisk Pro 1.82 Kernel Driver URDSCSI.sys Local Privilege Escalation via Arbitrary Registry Value Write
Summary Ultra RAMDisk Pro installs a WHQL-signed kernel driver, URDSCSI.sys, that exposes a user-reachable control device at \\.\UltraRAMDiskIOCTL. A standard local user can send IOCTL 0x222B30 with command 0x08 to make the driver call RtlCreateRegistryKey an...
StableBit Scanner 2.6.13.4088 Local Privilege Escalation via Insecure Deserialization
Summary StableBit Scanner exposes a local .NET Remoting IPC endpoint from ScannerService, which runs as LocalSystem. A standard local user can connect to \\.\pipe\Scanner2_Comm, perform a benign remoting call, and send a BinaryFormatter gadget as the object T...
StableBit DrivePool 2.3.13.1687 Local Privilege Escalation via Insecure Deserialization
Summary StableBit DrivePool exposes a local .NET Remoting IPC endpoint from DrivePoolService, which runs as LocalSystem. A standard local user can connect to \\.\pipe\StableBitDrivePool_Comm, perform a benign remoting call, and send a BinaryFormatter gadget a...
DeepCool 1.2.12 DisplayService Exposes an Unauthenticated LocalSystem Named-Pipe Control Channel
Summary DeepCool Deep Creative 1.2.12 installs DeepCoolDisplayService.exe, a service component intended to run as LocalSystem. In a live validation, a standard local user at Medium Integrity could not control the service through the Windows Service Control Ma...