Home / os / bsd

Ivanti Workspace Control Application PowerGrid RWS Whitelist Bypass

Posted on 01 October 2018

It was found that the PowerGrid application will execute rundll32.exe from a relative path when it is started with the /RWS command line option. An attacker can abuse this issue to bypass Application Whitelisting in order to run arbitrary code on the target machine. This issue was successfully verified on Ivanti Workspace Control version 10.2.700.1.

 

TOP

Malware :

Exploits :