Lucene search
K

10 matches found

Packet Storm
Packet Storm
added 2026/04/24 12:0 a.m.115 views

📄 Microsoft MMC (.MSC) File Execution Abuse Leading / Admin Creation

This Metasploit local Windows exploit module abuses the way Microsoft Management Console MMC processes specially crafted .msc files to achieve arbitrary PowerShell execution when a user opens the file. The payload is designed to create a new local administrator account or execute a custom command...

7CVSS8.2AI score0.31894EPSS
Exploits7
Packet Storm
Packet Storm
added 2026/04/10 12:0 a.m.130 views

📄 Microsoft MMC MSC EvilTwin Local Admin Creation

Microsoft MMC MSC EvilTwin local admin creation exploit. !/usr/bin/env python3 Exploit Title: Microsoft MMC MSC EvilTwin - Local Admin Creation Date: 2025-11-22 Author: Mohammed Idrees Banyamer Author Country: Jordan GitHub: https://github.com/mbanyamer Vendor Homepage: https://www.microsoft.com...

7CVSS7.3AI score0.31894EPSS
Exploits7
Exploit DB
Exploit DB
added 2026/04/08 12:0 a.m.94 views

Microsoft MMC MSC EvilTwin - Local Admin Creation

!/usr/bin/env python3 Exploit Title: Microsoft MMC MSC EvilTwin - Local Admin Creation Date: 2025-11-22 Author: Mohammed Idrees Banyamer Author Country: Jordan GitHub: https://github.com/mbanyamer Vendor Homepage: https://www.microsoft.com Software Link: N/A built-in Windows component - mmc.exe...

7CVSS7.2AI score0.31894EPSS
Exploits7
GithubExploit
GithubExploit
added 2025/04/08 7:29 p.m.601 views

Exploit for Improper Neutralization in Microsoft

CVE-2025-26633 - MSC EvilTwin PoC Proof of Concept PoC...

7CVSS7.1AI score0.31894EPSS
Exploits7
The Hacker News
The Hacker News
added 2025/03/31 4:41 p.m.31 views

Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp

The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp. The activity has been attributed to a suspected Russian hacking group called Water Gamayun, which is...

7CVSS7.5AI score0.31894EPSS
Exploits7
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/03/25 12:0 a.m.20 views

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin

Trend Research identified Russian threat actor Water Gamayun exploiting CVE-2025-26633, a zero-day vulnerability in the Microsoft Management Console that attackers exploit to execute malicious code and exfiltrate data...

7CVSS7.6AI score0.31894EPSS
Exploits7
RedhatCVE
RedhatCVE
added 2025/03/13 6:43 p.m.24 views

CVE-2025-26633

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally...

7CVSS8.5AI score0.31894EPSS
Exploits7References3
NVD
NVD
added 2025/03/11 5:16 p.m.12 views

CVE-2025-26633

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally...

7CVSS0.31894EPSS
Exploits7References4
Vulnrichment
Vulnrichment
added 2025/03/11 4:59 p.m.21 views

CVE-2025-26633 Microsoft Management Console Security Feature Bypass Vulnerability

...

7CVSS6.9AI score0.31894EPSS
Exploits7References1
Circl
Circl
added 2025/03/11 4:39 p.m.15 views

CVE-2025-26633

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review 2025-03-11 17:09:47+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114144902283889820 2025-03-11 17:39:55+00:00| seen|...

7CVSS7.4AI score0.31894EPSS
Exploits7References99
Rows per page
Query Builder