You searched for privilege escalation | SC Media

Your search for privilege escalation returned 112 results

Active Filters

Click on a filter below to refine your search. Remove a filter to broaden your search.

Last 2 years remove

Your search for privilege escalation returned 112 results

Sort Results:

Relevant Recent
mobile security
Mobile Security, Network Security, Security News, Vulnerabilities

Kernel privilege escalation bug actively exploited in Android devices

Researchers have discovered a zero-day kernel privilege escalation bug that can result in the full compromise of certain Android devices and is apparently being exploited in the wild. Devices known to be affected by the high-level, use-after-free vulnerability include the Pixel 1, 1X:, 2 and 2 XL; the Huawei P20; the Xiaomi Redmi 5A; the…
Security News, Vulnerabilities

Multiple privilege escalation vulnerabilities in CleanMyMacX

Several privilege escalation vulnerabilities were found in MacPaw’s CleanMyMac X software, all of which will allow an attacker with local access to the victim’s machine to modify the file system as root. Cisco Talos researchers spotted 13 CVE vulnerabilities in the Mac cleanup application designed to free up extra space on a user’s machine by…
Security News, Vulnerabilities

Vulnerability found in Sophos anti-malware product

Cisco Talos researchers identified a memory disclosure flaw and a code execution vulnerability in the malware detection and protection tool Sophos HitmanPro.Alert. Both vulnerabilities are in the input/output control (IOCTL) message handler with one of the bugs allowing an attacker to read kernel memory contents, while the other glitch allows code execution and privilege escalation,…
patch flaw vulnerability
Security News, Vulnerabilities

Cisco releases updates for 10 high-rated vulnerabilities

Cisco released security updates to address vulnerabilities in multiple products that could allow an attacker to take control of an affected system. The updates include patches to 10 flaws rated “high,” including four denial of service (DoS) bugs involving a Web Security Appliance HTTPS Certificate, a Small Business Series Switches HTTP, a Web Security Appliance…
VMware advisory warns users to patch critical issue in product
Network Security, Security News, Vulnerabilities

VMware squashes critical code execution bug in hypervisors

VMware has updated its Workstation hosted hypervisor and Fusion software hypervisor, fixing a critical vulnerability that could be exploited to trigger arbitrary code execution or a denial of service condition. The virtualization and cloud computing software provider company also fixed two important privilege escalation flaws spread out between four of its products. Designated CVE-2020-3947, the most critical…
Security News, Vulnerabilities

Cisco announced 26 vulnerabilities in over the last two days, three critical

Cisco announced 26 vulnerabilities in over the last two days, including two critical flaws affecting core equipment that could grant attackers an avenue into networks. The vulnerabilities CVE-2019-1625 and CVE-2019-1848  were a Cisco SD-WAN Solution privilege escalation vulnerability and a Cisco DNA Center authentication bypass vulnerability, respectively. The privilege escalation vulnerability, CVE-2019-1625,  is caused by…
Adobe releases patches for critical vulnerabilities in Flash, Shockwave and Photoshop
Network Security, Security News, Vulnerabilities

Patch Tuesday: Adobe announces 25 bug fixes, 21 in Acrobat products

On the last Patch Tuesday of 2019, Adobe today released security updates for Acrobat and Acrobat Reader, Photoshop CC, Brackets and ColdFusion, fixing 25 critical and important vulnerabilities in the process. Twenty-one of the flaws were found in various Acrobat and Acrobat Reader products for the Windows and macOS platforms. Of these, 14 are critical,…
Network Security, Patch Management, Security News, Vulnerabilities

Cisco patches privilege escalation flaw in Adaptive Securty Appliance software

Cisco Systems this week issued an update for its Adaptive Security Appliance (ASA) software, fixing a high-severity vulnerability that could allow authenticated attackers with low-level access to remotely escalate their privileges on Cisco devices with web management access enabled. Designated CVE-2018-15465, the flaw is the result of an improper validation process while using the web management interface.…
Next post in Security News