A vulnerability was found in dotNET applications where the Windows dotNET runtime exposes an IPC diagnostic endpoint named pipe for collecting diagnostic information and debugging. A remote attacker can exploit DCOM applications that expose a diagnostic port to achieve cross-session/cross-user elevation of privilege (EoP) and code execution by taking control of the diagnostic port.