Whitelisting Bypass Vulnerability in Zemana Anti-Logger

Whitelisting Bypass Vulnerability in Zemana Anti-Logger

CVE-2018-15491 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

A vulnerability in the permission and encryption implementation of Zemana Anti-Logger 1.9.3.527 and prior (fixed in 1.9.3.602) allows an attacker to take control of the whitelisting feature (MyRules2.ini under %LOCALAPPDATA%\Zemana\ZALSDK) to permit execution of unauthorized applications (such as ones that record keystrokes).

Learn more about our Web Application Penetration Testing UK.