New Vulnerabilities Found in Security Software via COM Hijacking
🧨 New vulnerabilities discovered in security software through COM hijacking. In the latest installment of a blog series, researchers detailed two additional vulnerabilities stemming from COM hijacking techniques. The first vulnerability, affecting Webroot Endpoint Protect (CVE-2023-7241), allowed for arbitrary file deletion, enabling privilege escalation. The second vulnerability targeted Check Point Harmony (CVE-2024-24912), where a file download primitive was exploited to gain elevated privileges. Both exploits involved manipulating the communication between front-end and back-end processes, ultimately allowing attackers to execute code with higher system privileges. The series aims to shed light on the risks associated with COM interfaces in security products, with a final post planned to discuss further vulnerabilities in Bitdefender Total Security.
