There exists a privilege escalation vulnerability for Windows 10 builds prior to build 17763. Due to the AppXSvc's improper handling of hard links, a user can gain full privileges over a SYSTEM-owned file. The user can then utilize the new file to execute code as SYSTEM. This Metasploit module employs a technique using the Diagnostics Hub Standard Collector Service (DiagHub) which was discovered by James Forshaw to load and execute a DLL as SYSTEM.
768fb56de1ec7de8dd28e560c3995953fbeca7925352b92e82d879e144ae0251Microsoft Windows AppX deployment service privilege escalation exploit.
1460b5312b5682cc658f0829b40c8e8711a2d4883539bf45739ebf57d5a634a3Microsoft Windows Remote Assistance suffers from an XML external entity injection vulnerability.
30f3cbd80b79f0e54f6c7a336934dced0eac0a94cb3f89c1fa94def8ecf8a977Microsoft Windows versions 8.1 and 2012 R2 SMB denial of service exploit.
2d61926739ef489e55031fa18143cb2f0cef2d256919289fb41f646dedec04e4Kerberos in Microsoft Windows suffers from a security feature bypass vulnerability.
5ed55cfd547222a50eb5c366ea69653cf9d3890f0d64f8ea97af4f06b1d3167cMicrosoft Windows 7 (x32/x64) suffers from a group policy privilege escalation vulnerability as described in MS16-072.
2ab30a58cdc968d44eaef9a40e6fa883cf7a80fc535361bba990a6e2e7958c85Windows kerberos security feature bypass exploit that leverages the vulnerability discussed in MS16-014.
cb587de0354495ec9c43859457e5b08438fd6f10d2200b2ac110e32a4472868a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed