You searched for privilege escalation | SC Media

Your search for privilege escalation returned 10 results

Active Filters

Click on a filter below to refine your search. Remove a filter to broaden your search.

Last 3 months remove

Your search for privilege escalation returned 10 results

Sort Results:

Relevant Recent
VMware advisory warns users to patch critical issue in product
Network Security, Security News, Vulnerabilities

VMware discloses important local privilege escalation bug found in 3 products

VMware’s latest security advisory discloses three vulnerabilities spread out among five products. The most significant of this trio is an “important” time-of-check time-of-use (TOCTOU) flaw in the service opener of Fusion, VMRC and Horizon Client that can be locally exploited to escalate privileges to root. Officially designated CVE-2020-3957, the bug was assigned a CVSSv3 base score of…
VMware advisory warns users to patch critical issue in product
Network Security, Security News, Vulnerabilities

VMware squashes critical code execution bug in hypervisors

VMware has updated its Workstation hosted hypervisor and Fusion software hypervisor, fixing a critical vulnerability that could be exploited to trigger arbitrary code execution or a denial of service condition. The virtualization and cloud computing software provider company also fixed two important privilege escalation flaws spread out between four of its products. Designated CVE-2020-3947, the most critical…
Security News, Vulnerabilities

Adobe offers up a light Patch Tuesday for April

Adobe issued a mild batch of Patch Tuesday security update for April covering three products with all vulnerabilities being rated as important. ColdFusion 2016 and 2018 received patches for CVE-2020-3767, an insufficient input validation issue that can lead to an application-level DoS situation;  CVE-2020-3768 is a DLL search-order hijacking problem that can lead to Privilege…
Security News, Vulnerabilities

Drupal, Google and Cisco post security advisories

Batches of security advisories were rolled out by Drupal, Google and Cisco yesterday addressing a host of critical-rated issues for their products. Drupal addressed a critical vulnerability affecting Drupal 8.7 and 8.8. The issue is a Cross Site Scripting vulnerability in third-party libraries. An attacker that can create or edit content may be able to…
Coronavirus, Events, Network Security, Security News, Vulnerabilities

Pwn2Own contest yields 13 bugs, as virtual format expands talent pool

Research teams at the Pwn2Own 2020 competition successfully exploited 13 software vulnerabilities this past week, including bugs found in products from Adobe, Apple, Microsoft, Oracle and Ubuntu. Participants earned $270,000 over the two-day event — the first Pwn2Own ever to be held virtually, as a measure to combat the rapid spread of the novel coronavirus.…
Network Security, Security News, Vulnerabilities

Cisco security advisories address 47 flaws, three critical

Cisco Systems on Wednesday, June 3 released a series of security advisories addressing a total of 47 vulnerabilities, including three critical bugs that were found and fixed in IOS or IOS EX software. Among the most series flaws is a privilege escalation vulnerability in the authorization controls of the IOx application hosting infrastructure in Cisco IOS XE…
patch flaw vulnerability
Security News, Vulnerabilities

Adobe patches 41 vulnerabilities, 22 in Photoshop

Adobe may have skipped March Patch Tuesday to push out security updates but caught up today issuing advisories covering 41 vulnerabilities, the majority critical, over six products. The products included Adobe Genuine Integrity Service, Acrobat Reader, Photoshop, Experience Manager, ColdFusion 2016 and 2018 and Bridge. None of the vulnerabilities have been spotted in the wild…
Executive Insight, Opinion

A 10-point plan for securing remote workers

Globally, more and more organizations are beginning to enforce work from home policies for employees and contractors. Opening up this kind of remote access for employees and contractors across all departments is new for many organizations. While several organizations have remote access for their IT support personnel, allowing access for all major departments, including core…
Security News, Vulnerabilities

Intel forced to discontinue multiple products due to vulnerabilities

Intel issued security advisories for nine vulnerabilities, with two rated high and seven medium, in six product areas. Intel’s NUC line of small form factor PCs were patched for the high-rated CVE-2020-0600. There are improper buffer restrictions in the firmware for 10 of the NUC designs that may allow an authenticated user to potentially enable…
Security News, Vulnerabilities

Intel issues nine security advisories

Intel rolled out nine security advisories for a variety of components associated with its processors and graphics drivers, with four having a high severity rating and the remainder medium. The high-rated advisory for Intel graphics drivers contains 17 CVEs, which if left unpatched and exploited could lead to escalation of privilege, denial of service and…
Next post in Vulnerabilities