28 matches found
Windows Server 2012 SrClient DLL Hijacking Exploit
All editions of Windows Server 2012 but not 2012 R2 are vulnerable to DLL hijacking due to the way TiWorker.exe will try to call the non-existent SrClient.dll file when Windows Update checks for updates. This issue can be leveraged for privilege escalation if %PATH% includes directories that are...
CVE-2021-26866
Windows Update Service Elevation of Privilege Vulnerability...
CVE-2021-26866
Windows Update Service Elevation of Privilege Vulnerability...
Privilege escalation
Windows Update Service Elevation of Privilege Vulnerability...
CVE-2021-26866 Windows Update Service Elevation of Privilege Vulnerability
...
PT-2021-2361 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an elevation-of-privilege vulnerability in the Windows Update Service, which is caused by insecure privilege management. This vulnerability can be exploited to allow...
The vulnerability of the Windows Update Delivery Optimization service for Windows operating systems allows a malicious individual to exploit their elevated privileges.
The vulnerability of the Windows Update Delivery Optimization service in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2018-15442
A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this...