Kernel Exploitation

  • A Tale of Two CatchPulse Antivirus Exploits

    What happens when your antivirus becomes the easiest way to compromise your system? In this post, I uncover two zero-day vulnerabilities in the CatchPulse driver that allow an attacker to bypass weak process “authentication,” abuse privileged file operations to dump sensitive data like password hashes, and ultimately trigger a kernel heap overflow for arbitrary read/write…