Ivanti Workspace Control Application PowerGrid RWS Whitelist Bypass

Posted by deepcore on October 2, 2018 – 1:05 pm

It was found that the PowerGrid application will execute rundll32.exe from a relative path when it is started with the /RWS command line option. An attacker can abuse this issue to bypass Application Whitelisting in order to run arbitrary code on the target machine. This issue was successfully verified on Ivanti Workspace Control version 10.2.700.1.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Ivanti Workspace Control Application PowerGrid SEE Whitelist Bypass MensaMax 4.3 Hardcoded Encryption Key Disclosure »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Ivanti Workspace Control Application PowerGrid RWS Whitelist Bypass

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL