Security News > 2020 > October > Researcher Finds Vulnerabilities in Products of 10 Cybersecurity Vendors
A researcher at privileged access management solutions provider CyberArk has discovered vulnerabilities in the products of 10 cybersecurity vendors.
The research focused on vulnerabilities that can allow an attacker or a piece of malware to escalate privileges using symlink attacks or DLL hijacking.
These types of attacks against antimalware products were also detailed earlier this year by researchers at RACK911 Labs.
The researcher has also shared some recommendations on how developers can avoid introducing these types of vulnerabilities in their products.
"We have seen that blocking symlink attacks or blocking the load of malicious DLLs require only a small touchup in the code. Knowing that, AV vendors should be able to eliminate this widespread bug class."