5 matches found
Concealed Position - Bring Your Own Print Driver Privilege Escalation Tool
Concealed Position is a local privilege escalation attack against Windows using the concept of "Bring Your Own Vulnerability". Specifically, Concealed Position CP uses the as designed package point and print logic in Windows that allows a low privilege user to stage and install printer drivers. C...
Metasploit Wrap-Up
Print Driver PrivEsc If you attended DEF CON last week, you may have seen this talk on print driver vulnerabilities from Metasploit community contributor Jacob Baines. In the spirit of Friday the 13th, we're highlighting some of these "print nightmares" again, in the form of two new Metasploit...
Lexmark Driver Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lexmark Driver Privilege Escalation', 'Description' = %q Various Lexmark Universal Printer drivers as listed at advisory TE953 allow low-privileg...
CVE-2021-35449
creationtimestamp| type| source ---|---|--- 2021-08-11 20:12:50+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/lexmarkdriverprivesc.rb 2025-02-06 03:13:45+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:39+00:00| seen...
CVE-2021-35449
CVE-2021-35449 affects Lexmark Universal Print Driver (versions 2.15.1.0 and earlier) and associated G2/G3/G4 drivers. The vulnerability enables local privilege escalation: a low-privilege user can cause the driver to load a DLL of their choosing during the add printer process, escalating to SYST...