Kolja Grassmann

**Name of the Vulnerable Software and Affected Versions** Acronis DeviceLock DLP (Windows) versions prior to 9.0.93212 Acronis Cyber Protect Cloud Agent (Windows) versions prior to 42183 **Description** Local privilege escalation occurs due to improper input validation, which is a failure of the application to correctly verify the data it receives, potentially allowing an attacker to gain higher permissions on the system. **Recommendations** Update Acronis DeviceLock DLP (Windows) to build 9.0.93212 or later. Update Acronis Cyber Protect Cloud Agent (Windows) to build 42183 or later.

**Name of the Vulnerable Software and Affected Versions** PDF-XChange Editor (affected versions not specified) **Description** A flaw exists within the TrackerUpdate process of PDF-XChange Editor that allows local attackers to escalate privileges on affected systems. An attacker must first have the ability to execute low-privileged code on the target system. The product loads a library from an unsecured location, which an attacker can exploit to execute code in the context of a target user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows SDK (affected versions not specified) **Description** The issue is related to improper access control in the Windows SDK, allowing an authorized attacker to elevate privileges locally. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bdrive NetDrive (affected versions not specified) **Description** The issue is related to an uncontrolled search path element, which can lead to local privilege escalation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Webroot Antivirus versions 8.0.1 through 9.0.35.12 **Description** The issue allows malicious software to abuse WRSA.EXE to delete arbitrary and protected files due to a privilege escalation vulnerability. This vulnerability affects Webroot Antivirus on both Windows 64-bit and 32-bit systems. **Recommendations** For versions 8.0.1 through 9.0.35.12, consider disabling the WRSA.EXE functionality until a patch is available to prevent malicious software from abusing it to delete arbitrary and protected files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Harmony Endpoint Security Client for Windows versions E88.10 and below **Description** A local privilege escalation issue has been identified. To exploit this issue, an attacker must first obtain the ability to execute local privileged code on the target system. **Recommendations** For Harmony Endpoint Security Client for Windows versions E88.10 and below, update to a version above E88.10 to resolve the issue. At the moment, there is no information about other specific mitigation measures for this issue.

**Name of the Vulnerable Software and Affected Versions** G DATA Total Security (affected versions not specified) **Description** The issue is related to incorrect permission assignment, allowing local attackers to escalate privileges on affected installations. The specific flaw exists within the handling of autostart tasks, resulting from incorrect permissions set on folders. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Trend Micro Apex One (affected versions not specified) **Description** The issue is related to insufficient data authentication in the Trend Micro Apex One security agent, allowing a local attacker to escalate privileges on affected installations. To exploit this, an attacker must first obtain the ability to execute low-privileged code on the target system. This vulnerability enables the attacker to potentially execute arbitrary code and gain elevated privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** giftrans version 1.12.2 **Description** The issue arises from a stack-based buffer overflow in the `giftrans` function. This occurs because a value within the input file dictates the amount of data to be written, allowing an attacker to overwrite up to 250 bytes outside the allocated buffer with arbitrary data. **Recommendations** For giftrans version 1.12.2, as a temporary workaround, consider restricting the use of the `giftrans` function until a patch is available. Avoid using input files that could trigger the buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: gif2apng version 1.9 Description: A stack-based buffer overflow issue was discovered, involving a while loop. The attacker has limited influence over the data written to the stack, making it difficult to subvert the flow of control. Recommendations: For gif2apng version 1.9, at the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: gif2apng version 1.9 Description: An issue was discovered that allows a heap-based buffer overflow in the main function, enabling an attacker to write 2 bytes outside the boundaries of the buffer. Recommendations: For gif2apng version 1.9, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: gif2apng version 1.9 Description: An issue was discovered that allows an attacker to write data outside of the allocated buffer due to a heap-based buffer overflow within the main function. The attacker has control over a part of the address that data is written to, control over the written data, and some control over the amount of data that is written. Recommendations: For gif2apng version 1.9, at the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: gif2apng version 1.9 Description: A heap-based buffer overflow issue was found in the DecodeLZW function, allowing an attacker to write a large amount of arbitrary data outside the boundaries of a buffer. Recommendations: For gif2apng version 1.9, at the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: gif2apng version 1.9 Description: A stack-based buffer overflow issue was discovered, involving a for loop. This issue makes it unlikely for an attacker to subvert the flow of control due to limited influence over the data written to the stack. Recommendations: For gif2apng version 1.9, at the moment, there is no information about a newer version that contains a fix for this issue.