Video: Illumant Demo – Hacking Check Point ZoneAlarm Anti-Virus (step-by-step)
Demonstration of the Check Point ZoneAlarm anti-virus exploit in action.
zero-day
Check Point ZoneAlarm Anti-Virus Exploit
Local Exploitation of WCF Services within ZoneAlarm Anti-Virus Software to Escalate Privileges General Overview Illumant has discovered a critical vulnerability in Check Point’s ZoneAlarm anti-virus software. This vulnerability allows a low-privileged user to escalate to SYSTEM-level privileges. A service endpoint within ZoneAlarm exposes powerful functionality, including the ability to start new processes as SYSTEM. Efforts …
Technical White Paper: Finding and Exploiting the Check Point ZoneAlarm Anti-Virus for Local Privilege Escalation
Introduction Illumant has discovered a critical vulnerability in Check Point’s ZoneAlarm anti-virus software. This vulnerability allows a low-privileged user to escalate privileges to SYSTEM-level with the anti-virus software enabled. The vulnerability is due to insecure implementation of inter-process communications within the ZoneAlarm application itself, which allows a low-privilege user to inject and execute code by …
Press Release: ILLUMANT Discovers Critical “OwnDigo” Vulnerability in Anti-Virus Software
Vulnerability affects Check Point Anti-Virus (ZoneAlarm), allows standard users to escalate to highest privilege level and highlights lesser-known class of vulnerabilities (“OwnDigo”) resulting from insecure process communications using Windows Communication Foundation (WCF).
