Panda Security Free Antivirus Unnecessary Privileges Local Privilege Escalation Vulnerability

Situation

This vulnerability allows a local attacker with SeImpersonatePrivilege to elevate to 'NT AUTHORITY\System' enabling him to run code and perform actions with higher permissions than those of the user.

Solution

This problem has been fixed in version 20.02.00, so any later version will not be affected.

Acknowledgements

Panda Security would like to thank the researcher Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative for his dedication and effort in improving the safety of our products.