Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A local attacker can bypass OpenEDR's 2.5.1.0 self-defense mechanism by renaming a malicious executable to match a trusted process name (e.g., csrss.exe, edrsvc.exe, edrcon.exe). This allows unauthorized interaction with the OpenEDR kernel driver, granting access to privileged functionality such as configuration changes, process monitoring, and IOCTL communication that should be restricted to trusted components. While this issue alone does not directly grant SYSTEM privileges, it breaks OpenEDR's trust model and enables further exploitation leading to full local privilege escalation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenEDR 安全漏洞
Vulnerability Description
OpenEDR是Comodo Cyber Security开源的一个终端检测与响应安全平台。 OpenEDR 2.5.1.0版本存在安全漏洞,该漏洞源于可通过重命名恶意可执行文件绕过自身防御机制,可能导致未经授权访问内核驱动功能。
CVSS Information
N/A
Vulnerability Type
N/A