This talk will give an overview of a number of vulnerabilities in FireEye’s Malware Protection System (MPS) that were recently discovered (and which are patched in the interim). These range from command injections in the management web interface over local privilege escalation vulnerabilities to exploits that allow a full compromise of the system by simply sending a malicious file over the network and exploiting bugs in the analysis process.