CVE-2019-9702: Symantec Encryption Desktop – Local Privilege Escalation – Exploiting an Arbitrary Hard Disk Read/Write Vulnerability Over NTFS

CVE: CVE-2019-9702
Reported by: Kyriakos Economou (@kyREcon)
Vendors: Symantec
Reported by: Kyriakos Economou (@kyREcon)

Advisory
These vulnerabilities allow an attacker to attain arbitrary hard disk read and write access at sector level, and subsequently infect the target and gain low level persistence (MBR/VBR). They also allow the attacker to execute code in the context of the built-in SYSTEM user account, without requiring a reboot.

References
Nettitude – Exploitation Write-up (PDF)

The A.R.F Project©

CVE-2019-9702: Symantec Encryption Desktop – Local Privilege Escalation – Exploiting an Arbitrary Hard Disk Read/Write Vulnerability Over NTFS

All Rights R3v3rs3d