Truecrypt 7 Privilege Escalation
Posted by deepcore on October 6, 2015 – 8:57 am
The Windows driver used by projects derived from Truecrypt 7 (verified in Veracrypt and CipherShed) are vulnerable to a local elevation of privilege attack by checking process of impersonation token which allow a user to inspect and potentially manipulate other users mounted encrypted volumes on the same machine.
Post a reply
You must be logged in to post a comment.