CVE-2021-40444 PoC Demonstration

Introduction This week, a new zero-day vulnerability was disclosed affecting Microsoft Office applications. CVE-2021-40444 made waves throughout the cybersecurity industry for its ability to perform remote code execution on Windows operating systems with minimal interaction from the user. By simply opening a specially crafted Microsoft Office document, remote code execution could be obtained. Within a … Continue reading CVE-2021-40444 PoC Demonstration

Spoofing an Android Phone to Exploit the Razer Local Privilege Escalation Vulnerability

Intro Last Sunday, on a particularly lazy afternoon, I came across a Tweet that caught my attention. It was a demonstration of a local privilege escalation vulnerability that is possible when plugging in a Razer device to any Windows machine. The TL;DR of this vulnerability is that Windows identifies the drivers and software required for … Continue reading Spoofing an Android Phone to Exploit the Razer Local Privilege Escalation Vulnerability