Elastic denies claims that its Defend EDR product is impacted by a zero-day vulnerability, despite previous warnings from Ashes Cybersecurity. The company emphasizes that there is no evidence of a flaw leading to detection bypass or remote code execution. #ElasticDefend #AshesCybersecurity #ZeroDayVulnerability
Keypoints
- Elastic refutes claims of a zero-day vulnerability affecting its Defend EDR product.
- Ashes Cybersecurity reported a kernel driver flaw that could cause system crashes and potential bypasses.
- Elasticβs investigation found no evidence of the flaw leading to remote code execution or detection bypass.
- The researcher refused to provide a reproducible proof-of-concept exploit to verify the claims.
- Elastic emphasizes the importance of coordinated disclosure and denies any vulnerability risks based on current evidence.
Read More: https://www.securityweek.com/elastic-refutes-claims-of-zero-day-in-edr-product/