CVE-2020-14418: madCodeHook Library TOCTOU Local Privilege Escalation

CVE: CVE-2020-14418
Reported by: Kyriakos Economou (@kyREcon)
Vendors: Cisco, Morphisec, others thers using the affected library
Products:  Unified Threat Prevention Platform v4.x earlier than v4.1.2, v3.5.9, v3.0.9 | Cisco AMP v6.3.x and earlier, other security software using the affected library
Reported by: Kyriakos Economou (@kyREcon)

A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. This occurs because path redirection can occur via vectors involving directory junctions.

Nettitude – Exploitation Write-up  (PDF)

All Rights R3v3rs3d