Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Expert found privilege escalation issue in LG Device Manager

Lg-device-manager-flaw
Security expert discovered a privilege escalation flaw that could be exploited by attackers to elevate permissions to SYSTEM in the LG Device Manager application for LG laptops.

A security expert who goes online with the moniker Jackson T. has discovered the flaw, tracked as CVE-2019-8372, while analyzing the tool’s low-level hardware access (LHA) kernel-mode driver, which is associated with the LG Device Manager system service.

The LHA kernel-mode driver (lha.sys/lha32.sys, v1.1.1703.1700) is associated with the LG Device Manager system service that loads the driver if it detects that the Product Name in the BIOS has one of the following substrings: T350, 10T370, 15U560, 15UD560, 14Z960, 14ZD960, 15Z960, 15ZD960, or Skylake Platform. This means that the driver loads with those associated models which happen to have the 6th-gen Intel Core processors (Skylake).

The researcher focused its analysis on the lha.sys and lha32.sys files shipped with version 1.1.1703.1700.

The...(continued)

View All Trending Stories