| avast! Local Information Disclosure | https://wikileaks.org/hackingteam/emails/emailid/45441 | 13-005 | 0 | 1 | Brokered |
| avast! Local Privilege Escalation | https://wikileaks.org/hackingteam/emails/emailid/45441 | 13-010 | 0 | 1 | Brokered |
| McAfee ePolicy Orchestrator Privileged Remote Code Execution | https://wikileaks.org/hackingteam/emails/emailid/45441 | 13-019 | 1 | 0 | Brokered |
| McAfee ePolicy Orchestrator Post-Auth Privileged Remote Code Execution | https://wikileaks.org/hackingteam/emails/emailid/45441 | 13-023 | 1 | 0 | Brokered |
| McAfee ePolicy Orchestrator Post-Auth Privileged Remote Code Execution | https://wikileaks.org/hackingteam/emails/emailid/45441 | 13-024 | 1 | 0 | Brokered |
| ESET NOD32 Antivirus and ESET Smart Security Remote Pre-auth Code Execution | https://wikileaks.org/hackingteam/emails/emailid/45441 | 2010-0021 | 0 | 1 | Brokered, Sold |
| Symantec AntiVirus Remote Stack Buffer Overflow | http://www.securityfocus.com/news/11426 | CVE-2006-2630 | 0 | 1 | Exploited ItW |
| McAfee Stinger Portable DLL Sideloading | https://wikileaks.org/ciav7p1/cms/page_27492400.html | Fine Dining | 0 | 1 | CIA collection |
| Sophos Virus Removal Tool DLL sideloading | https://wikileaks.org/ciav7p1/cms/page_27263043.html | Fine Dining | 0 | 1 | CIA collection |
| Kaspersky TDSS Killer Portable DLL Sideloading | https://wikileaks.org/ciav7p1/cms/page_27492393.html | Fine Dining | 0 | 1 | CIA collection |
| ClamWin Portable DLL Hijack | https://wikileaks.org/ciav7p1/cms/page_27262995.html | Fine Dining | 0 | 1 | CIA collection |
| Kaspersky ?? SUID command injection | https://hackmd.io/s/r1gLMUUpx | evolvingstrategy | 0 | 1 | EQGRP exploit leaked by Shadow Brokers |
| Symantec rastlsc.exe DLL side-loading | https://www.welivesecurity.com/wp-content/uploads/2018/03/ESET_OceanLotus.pdf | OceanLotus | 0 | 1 | ESET report |
| Trend Micro Office Scan server ZIP path traversal | https://www.zdnet.com/article/trend-micro-antivirus-zero-day-used-in-mitsubishi-electric-hack/ | CVE-2019-18187 | 1 | 0 | Mitsubishi Electric |
| Trend Micro Apex One and OfficeScan migration tool RCE | https://www.darkreading.com/vulnerabilities---threats/trend-micro-patches-two-zero-days-under-attack/d/d-id/1337338 https://success.trendmicro.com/solution/000245571 https://www.tenable.com/blog/cve-2020-8467-cve-2020-8468-vulnerabilities-in-trend-micro-apex-one-and-officescan-exploited-in | CVE-2020-8467 | 1 | 0 | N/A |
| Trend Micro Apex One and OfficeScan content validation escape | https://www.darkreading.com/vulnerabilities---threats/trend-micro-patches-two-zero-days-under-attack/d/d-id/1337338 https://success.trendmicro.com/solution/000245571 https://www.tenable.com/blog/cve-2020-8467-cve-2020-8468-vulnerabilities-in-trend-micro-apex-one-and-officescan-exploited-in | CVE-2020-8468 | 0 | 1 | N/A |
| Windows Defender buffer overflow | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1647 | CVE-2021-1647 | 0 | 1 | Exploitation was detected before fix was released. Snort rules detect shellcode. May be related to the SolarWinds breach (although this remark was deleted from ZDI's original post) |
| Trend Micro Apex One Improper Access Control Privilege Escalation | https://www.zerodayinitiative.com/advisories/ZDI-20-1094/ | CVE-2020-24557 | 0 | 1 | https://therecord.media/nightmare-week-for-security-vendors-now-a-trend-micro-bug-is-being-exploited-in-the-wild/ (unclear if exploitation happened before or after vendor was notified about the bug) |
| Trend Micro Apex One Local Privilege Escalation and Arbitrary File Upload | https://success.trendmicro.com/solution/000287819 | CVE-2021-36742 CVE-2021-36741 | 1 | 1 | https://therecord.media/hackers-tried-to-exploit-two-zero-days-in-trend-micros-apex-one-edr-platform/ |
| Trend Micro Apex Central Arbitrary File Upload RCE | https://success.trendmicro.com/dcx/s/solution/000290678?language=en_US | CVE-2022-26871 | 1 | 0 | https://twitter.com/GossiTheDog/status/1510901921657331716 |
| eScan insecure update MitM leads to RCE | https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/ | N/A | 0 | 1 | https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/ |