Outpost Firewall Pro Privilege Escalation Vulnerability

Affected Software: Outpost Firewall Pro 3.x
Ben Goulding has discovered a vulnerability in Outpost Firewall Pro, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused by the application's windows running with SYSTEM privileges and the application not checking whether explorer.exe is running. This can be exploited to launch explorer.exe with SYSTEM privileges by terminating it and then using the “open folder” option in, for example, the “Shared Components” window.

The vulnerability has been confirmed in version 3.51.759.6511 (462). Other versions may also be affected.

Solution: Enable password protection.
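
A detection check for the condition described above, as an added example that is not part of the original advisory: it flags explorer.exe instances whose owner SID is S-1-5-18 (SYSTEM) and reports the parent process name. The function names, the sample records and the parent name `firewall-gui.exe` are constructed placeholders.

```powershell
# Added example, not from the advisory. Function names are hypothetical.
$SystemSid = 'S-1-5-18'   # well-known SID of the local SYSTEM account

function Get-ExplorerRecord {
    # Live collection: one record per explorer.exe with owner SID and parent name.
    # Run elevated; otherwise the owner of other users' processes may not be readable.
    $all = @(Get-CimInstance -ClassName Win32_Process)
    $nameById = @{}
    foreach ($p in $all) { $nameById[[int]$p.ProcessId] = $p.Name }
    foreach ($p in $all) {
        if ($p.Name -ine 'explorer.exe') { continue }
        $r = Invoke-CimMethod -InputObject $p -MethodName GetOwnerSid
        $sid = 'UNKNOWN'
        if ($r.ReturnValue -eq 0) { $sid = $r.Sid }
        # ParentName is empty when the parent has exited; PIDs can also be reused.
        [pscustomobject]@{
            Name       = $p.Name
            ProcessId  = [int]$p.ProcessId
            OwnerSid   = $sid
            ParentName = $nameById[[int]$p.ParentProcessId]
        }
    }
}

function Find-SystemExplorer {
    # Pure filter, so it can be checked against constructed records.
    param([Parameter(ValueFromPipeline = $true)] $Record)
    process {
        if ($Record.Name -ieq 'explorer.exe' -and $Record.OwnerSid -eq $SystemSid) {
            $Record
        }
    }
}

# Constructed sample records (not real telemetry): a normal user shell and a SYSTEM shell.
$sample = @(
    [pscustomobject]@{ Name = 'explorer.exe'; ProcessId = 1480; OwnerSid = 'S-1-5-21-1111111111-2222222222-3333333333-1001'; ParentName = $null }
    [pscustomobject]@{ Name = 'explorer.exe'; ProcessId = 3912; OwnerSid = 'S-1-5-18'; ParentName = 'firewall-gui.exe' }
)
$sample | Find-SystemExplorer | Format-Table ProcessId, OwnerSid, ParentName

# On a live host:
# Get-ExplorerRecord | Find-SystemExplorer
```

Matching on the SID rather than the account name keeps the check working on localized Windows installations, where the SYSTEM account's display name differs.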

