Kaspersky Anti-Ransomware Tool (KART) DLL Highjacked
Well, speaking of the 'power of a well-trained team' and the advantages of a collaborative approach, another 0day discovered, and CVE published by the BEETLES Red Team.
Due to an unsafe DLL search path, the installer of Kaspersky Anti-Ransomware Tool (KART) was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges in the system (CVE-2020-28950).
Kaspersky is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and is a market leader in this field.
This is yet another fantastic accomplishment by the BEETLES Red Team. Congratulations to the team and of course, Shahee Mirza, Chief Cyber Operations Officer, for his guidance and mentorship. And a huge thank you to Kaspersky for the acknowledgment and publication.
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#290720