top of page
ALL POSTS
PhantomRPC: Windows RPC Privilege Escalation Vulnerability Discovered
Key Findings PhantomRPC is a novel local privilege escalation vulnerability in Windows RPC architecture affecting likely all Windows versions Vulnerability enables processes with impersonation privileges to escalate to SYSTEM level permissions Five distinct exploitation paths identified across local service, network service, and user contexts Differs fundamentally from "Potato" exploit family but remains unpatched despite responsible disclosure Architectural weakness creates
Apr 252 min read
CVE-2025-60021: Apache bRPC Vulnerability Allows Remote Command Injection
Key Findings Apache has patched a vulnerability (CVE-2025-60021) in its bRPC C++ RPC framework The flaw allows remote command injection by manipulating the `extra_options` parameter in the `/pprof/heap` endpoint The vulnerability affects bRPC versions 1.11.0 through 1.14.0, and is rated as "Important" bRPC is widely used in high-performance systems for search, storage, ML, advertising, and recommendation Successful exploitation could allow attackers to execute remote commands
Jan 171 min read
bottom of page
