{"vulnerability": "CVE-2021-45336", "sightings": [{"uuid": "dd646748-d155-4d97-bf11-089b60da30ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45336", "type": "seen", "source": "https://t.me/cibsecurity/34668", "content": "\u203c CVE-2021-45336 \u203c\n\nPrivilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead to exit the sandbox and acquire SYSTEM privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-27T16:23:09.000000Z"}, {"uuid": "4399f944-9a94-4338-a355-be397dce5ef0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45336", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7732", "content": "#exploit\n1. CVE-2021-45335, CVE-2021-45336, CVE-2021-45337:\nEoP from Everyone through Avast Sandbox to System AmPPL\nhttps://the-deniss.github.io/posts/2023/02/09/elevation-of-privileges-from-everyone-through-avast-av-sandbox-to-system-amppl.html\n\n2. CVE-2023-21746:\nThe LocalPotato attack - type of NTLM reflection attack that targets local authentication\nhttps://github.com/decoder-it/LocalPotato", "creation_timestamp": "2023-02-14T04:50:02.000000Z"}]}