all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Windows Credential Guard BCrypt Context Use-After-Free Privilege Escalation

Add to bookmarks
Sept. 9, 2022, 3:45 p.m. |

Packet Storm packetstormsecurity.com

On Windows, the method for allocating a context when using the CG BCrypt APIs is insecure leading to use-after-free of secure memory resulting in elevation of privilege.

bcrypt credential escalation free guard privilege privilege escalation use-after-free windows

Visit resource

More from packetstormsecurity.com / Packet Storm

Apache Solr Backup/Restore API Remote Code Execution 15 hours ago | packetstormsecurity.com
11.2 apache apache solr api +17
Ubuntu Security Notice USN-6748-1 15 hours ago | packetstormsecurity.com
attack attacker cross-site issue +9
Ubuntu Security Notice USN-6747-1 15 hours ago | packetstormsecurity.com
arbitrary code attacker code denial of service +16
Ubuntu Security Notice USN-6742-2 15 hours ago | packetstormsecurity.com
attacker authentication bluetooth connections +11
Relate Learning And Teaching System SSTI / Remote Code Execution 15 hours ago | packetstormsecurity.com
batch code code execution exam +13
Nginx 1.25.5 Host Header Validation 16 hours ago | packetstormsecurity.com
bug header host malice +2
Red Hat Security Advisory 2024-2033-03 16 hours ago | packetstormsecurity.com
advisory enterprise libreswan linux +5
Red Hat Security Advisory 2024-2011-03 16 hours ago | packetstormsecurity.com
advisory buffer buffer overflow buffer overflow vulnerability +12
Red Hat Security Advisory 2024-2010-03 16 hours ago | packetstormsecurity.com
advisory components crlf injection denial of service +19

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Level 1 SOC Analyst

@ Telefonica Tech | Dublin, Ireland
View on infosec-jobs.com

Specialist, Database Security

@ OP Financial Group | Helsinki, FI
View on infosec-jobs.com

Senior Manager, Cyber Offensive Security

@ Edwards Lifesciences | Poland-Remote
View on infosec-jobs.com

Information System Security Officer

@ Booz Allen Hamilton | USA, AL, Huntsville (4200 Rideout Rd SW)
View on infosec-jobs.com

Senior Security Analyst - Protective Security (Open to remote across ANZ)

@ Canva | Sydney, Australia
View on infosec-jobs.com
View more jobs