You searched for privilege escalation | SC Media

Your search for privilege escalation returned 48 results

Active Filters

Click on a filter below to refine your search. Remove a filter to broaden your search.

Last 12 months remove

Your search for privilege escalation returned 48 results

Sort Results:

Relevant Recent
mobile security
Mobile Security, Network Security, Security News, Vulnerabilities

Kernel privilege escalation bug actively exploited in Android devices

Researchers have discovered a zero-day kernel privilege escalation bug that can result in the full compromise of certain Android devices and is apparently being exploited in the wild. Devices known to be affected by the high-level, use-after-free vulnerability include the Pixel 1, 1X:, 2 and 2 XL; the Huawei P20; the Xiaomi Redmi 5A; the…
patch flaw vulnerability
Security News, Vulnerabilities

Cisco releases updates for 10 high-rated vulnerabilities

Cisco released security updates to address vulnerabilities in multiple products that could allow an attacker to take control of an affected system. The updates include patches to 10 flaws rated “high,” including four denial of service (DoS) bugs involving a Web Security Appliance HTTPS Certificate, a Small Business Series Switches HTTP, a Web Security Appliance…
VMware advisory warns users to patch critical issue in product
Network Security, Security News, Vulnerabilities

VMware squashes critical code execution bug in hypervisors

VMware has updated its Workstation hosted hypervisor and Fusion software hypervisor, fixing a critical vulnerability that could be exploited to trigger arbitrary code execution or a denial of service condition. The virtualization and cloud computing software provider company also fixed two important privilege escalation flaws spread out between four of its products. Designated CVE-2020-3947, the most critical…
Security News, Vulnerabilities

Cisco announced 26 vulnerabilities in over the last two days, three critical

Cisco announced 26 vulnerabilities in over the last two days, including two critical flaws affecting core equipment that could grant attackers an avenue into networks. The vulnerabilities CVE-2019-1625 and CVE-2019-1848  were a Cisco SD-WAN Solution privilege escalation vulnerability and a Cisco DNA Center authentication bypass vulnerability, respectively. The privilege escalation vulnerability, CVE-2019-1625,  is caused by…
Adobe releases patches for critical vulnerabilities in Flash, Shockwave and Photoshop
Network Security, Security News, Vulnerabilities

Patch Tuesday: Adobe announces 25 bug fixes, 21 in Acrobat products

On the last Patch Tuesday of 2019, Adobe today released security updates for Acrobat and Acrobat Reader, Photoshop CC, Brackets and ColdFusion, fixing 25 critical and important vulnerabilities in the process. Twenty-one of the flaws were found in various Acrobat and Acrobat Reader products for the Windows and macOS platforms. Of these, 14 are critical,…
Security News, Vulnerabilities

A light November Patch Tuesday for Adobe

Adobe’s November Patch Tuesday offering focused on several products not normally covered with its monthly security update, including Illustrator, Media Encoder and Animate. None of the patched vulnerabilities have been spotted in the wild. Illustrator CC 2019’s patch covered three vulnerabilities, CVE-2019-7962, CVE-2019-8247 and CVE-2019-8248 with the first being rated important and the last two…
On Patch Tuesday, Microsoft unveils fix for critical Windows flaw 'JASBUG'
Patch Management, Security News

Microsoft Patch Tuesday addresses two actively exploited zero-days

Microsoft’s July 2019 Patch Tuesday included updates for 77 vulnerabilities, including two actively exploited zero-days and five publicly disclosed vulnerabilities. One of the zero-days, CVE-2019-1132, a privilege escalation vulnerability in the Win32k component, was actively exploited as part of the attack chain by a group of Russian state-funded hackers.  If exploited, this bug could allow…
Malware, Security News

Nansh0u cryptomining cryptomining hit 50,000 servers

A China-based cryptomining malware campaign dubbed Nansh0u has targeted and infected up to 50,000 servers Windows MS-SQL and PHPMyAdmin servers worldwide. Guardicore researchers disclosed the campaign which took place between February 26 and April 11 of this year, in a May 29 blog post and described it as more than just a typical cryptomining attack…
Security News, Vulnerabilities

Adobe offers up a light Patch Tuesday for April

Adobe issued a mild batch of Patch Tuesday security update for April covering three products with all vulnerabilities being rated as important. ColdFusion 2016 and 2018 received patches for CVE-2020-3767, an insufficient input validation issue that can lead to an application-level DoS situation;  CVE-2020-3768 is a DLL search-order hijacking problem that can lead to Privilege…
Patch Management, Patch/Configuration Management, Security News

Adobe’s July Patch Tuesday includes Bridge CC, Experience Manager, Dreamweaver fixes

Adobe’s July 2019 Patch Tuesday included updates for its Adobe Bridge CC , Adobe Experience Manager and Adobe Dreamweaver products. The updates for Experience Manager patched three vulnerabilities, while Bridge and Dreamweaver updates each have one, none of which are labeled as “critical,” and the highest rated vulnerability for each software is rated “important,” according…
Next post in Patch Management