SB2020120110 - Privilege escalation in Devid Espenschied PC Analyser

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Improper Privilege Management (CVE-ID: CVE-2020-28921)

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to improper privilege management when the PCADRVX64.SYS kernel driver exposes IOCTL functionality. A local user can execute arbitrary code and escalate privileges.

2) Improper Privilege Management (CVE-ID: CVE-2020-28922)

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to improper privilege management when the PCADRVX64.SYS kernel driver exposes IOCTL functionality. A local user can execute arbitrary code and escalate privileges.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

• http://www.pcanalyser.de/index.php/historie/
• https://github.com/eset/vulnerability-disclosures
• https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-28921/CVE-2020-28921.md
• https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-28922/CVE-2020-28922.md