The vulnerability of the SchRpcSetSecurity function in the Advanced Local Procedure Call interface of the Windows operating system’s task scheduler allows a malicious actor to execute malicious code with SYSTEM privileges.

🗓️ 31 Aug 2018 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru

Vulnerability in SchRpcSetSecurity of ALPC in Windows task scheduler allows SYSTEM privileges.

Reporter	Title	Published	Views	Family All 61
0day.today	Microsoft Windows ALPC Task Scheduler Local Privilege Elevation Exploit	22 Sep 201800:00	–	zdt
GithubExploit	Exploit for Code Injection in Microsoft	4 Jan 202615:28	–	githubexploit
GithubExploit	Exploit for Code Injection in Microsoft	4 Jan 202615:28	–	githubexploit
ATTACKERKB	CVE-2018-8440	13 Sep 201800:00	–	attackerkb
canvas	Immunity Canvas: ALPC_TASKSCHED_LPE	13 Sep 201800:29	–	canvas
Circl	CVE-2018-8440	11 Sep 201823:24	–	circl
CISA KEV Catalog	Microsoft Windows Privilege Escalation Vulnerability	28 Mar 202200:00	–	cisa_kev
Check Point Advisories	Microsoft Windows ALPC Elevation of Privilege (CVE-2018-8440)	11 Sep 201800:00	–	checkpoint_advisories
CVE	CVE-2018-8440	13 Sep 201800:00	–	cve
Cvelist	CVE-2018-8440	13 Sep 201800:00	–	cvelist

Source	Link
xakep	www.xakep.ru/2018/08/28/alpc-lpe-0day/
exploit-db	www.exploit-db.com/exploits/45280/
github	www.github.com/SandboxEscaper/randomrepo/blob/master/PoC-LPE.rar
kb	www.kb.cert.org/vuls/id/906424
habr	www.habr.com/post/421593/
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8440
nvd	www.nvd.nist.gov/vuln/detail/CVE-2018-8440
cisa	www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv
web	www.web.nvd.nist.gov/view/vuln/detail

24 Sep 2024 00:00Current

7.9High risk

Vulners AI Score7.9

CVSS 27.2

CVSS 38.4

EPSS0.74187

SchRpcSetSecurity ALPC interface Windows task scheduler system privileges access control deficiency crafted library