winternl

cybersecurity & programming

Tag: LPE

  • CVE-2022-43997 – Local Privilege Escalation in Aternity Agent

    Aternity is software developed by Riverbed used to monitor the performance of applications and devices from the end user perspective. Software such as Aternity is a prime target for vulnerability research. “Monitoring” software typically installs hooks and performs process injection to track analytics. Doing so safely is not a trivial task; there may be implementation…