Elastic denies zero-day RCE flaw in Defend EDR
Summary
Elastic has rejected claims of a zero-day remote code execution (RCE) vulnerability in its Defend endpoint detection and response (EDR) product. The company investigated allegations made by AshES Cybersecurity, which claimed to have discovered an RCE flaw in Elastic Defend. Elastic found no evidence supporting the claims. AshES Cybersecurity published a blog post detailing the alleged vulnerability and provided videos demonstrating the supposed exploit. Elastic stated that the reports lacked evidence of reproducible exploits and that AshES Cybersecurity did not follow coordinated disclosure principles.
Timeline
- 19.08.2025 19:41 · 1 article · 28d ago
Elastic denies zero-day RCE flaw in Defend EDR
Elastic rejected claims of a zero-day RCE vulnerability in its Defend EDR product. AshES Cybersecurity alleged a flaw in the 'elastic-endpoint-driver.sys' kernel driver, but Elastic's investigation found no evidence supporting the claims. AshES Cybersecurity did not provide a proof-of-concept exploit or follow coordinated disclosure principles.
- Source: Elastic rejects claims of a zero-day RCE flaw in Defend EDR - www.bleepingcomputer.com - 19.08.2025 19:41
Information Snippets
- AshES Cybersecurity claimed to have discovered a zero-day RCE flaw in Elastic Defend.
  First reported: 19.08.2025 19:41 · 1 source, 1 article
  - Source: Elastic rejects claims of a zero-day RCE flaw in Defend EDR - www.bleepingcomputer.com - 19.08.2025 19:41
- The alleged flaw involves a NULL pointer dereference in the 'elastic-endpoint-driver.sys' kernel driver.
  First reported: 19.08.2025 19:41 · 1 source, 1 article
  - Source: Elastic rejects claims of a zero-day RCE flaw in Defend EDR - www.bleepingcomputer.com - 19.08.2025 19:41
- Elastic conducted a thorough investigation and found no evidence supporting the claims.
  First reported: 19.08.2025 19:41 · 1 source, 1 article
  - Source: Elastic rejects claims of a zero-day RCE flaw in Defend EDR - www.bleepingcomputer.com - 19.08.2025 19:41
- AshES Cybersecurity did not provide a proof-of-concept (PoC) exploit to Elastic or its affiliates.
  First reported: 19.08.2025 19:41 · 1 source, 1 article
  - Source: Elastic rejects claims of a zero-day RCE flaw in Defend EDR - www.bleepingcomputer.com - 19.08.2025 19:41
- Elastic's bug bounty program has paid over $600,000 to researchers since 2017.
  First reported: 19.08.2025 19:41 · 1 source, 1 article
  - Source: Elastic rejects claims of a zero-day RCE flaw in Defend EDR - www.bleepingcomputer.com - 19.08.2025 19:41