Lucene search
K

28 matches found

0day.today
0day.today
added 2021/03/16 12:0 a.m.40 views

Windows Server 2012 SrClient DLL Hijacking Exploit

All editions of Windows Server 2012 but not 2012 R2 are vulnerable to DLL hijacking due to the way TiWorker.exe will try to call the non-existent SrClient.dll file when Windows Update checks for updates. This issue can be leveraged for privilege escalation if %PATH% includes directories that are...

7.5AI score
Exploits0
NVD
NVD
added 2021/03/11 4:15 p.m.14 views

CVE-2021-26866

Windows Update Service Elevation of Privilege Vulnerability...

7.1CVSS0.01115EPSS
Exploits0References2
OSV
OSV
added 2021/03/11 4:15 p.m.1 views

CVE-2021-26866

Windows Update Service Elevation of Privilege Vulnerability...

7.1CVSS7.1AI score0.01115EPSS
Exploits0References2
Prion
Prion
added 2021/03/11 4:15 p.m.25 views

Privilege escalation

Windows Update Service Elevation of Privilege Vulnerability...

3.6CVSS6.4AI score0.01115EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2021/03/11 3:38 p.m.25 views

CVE-2021-26866 Windows Update Service Elevation of Privilege Vulnerability

...

7.1CVSS8.4AI score0.01115EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/03/09 12:0 a.m.2 views

PT-2021-2361 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an elevation-of-privilege vulnerability in the Windows Update Service, which is caused by insecure privilege management. This vulnerability can be exploited to allow...

7.1CVSS6.6AI score0.01115EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2019/10/01 12:0 a.m.5 views

The vulnerability of the Windows Update Delivery Optimization service for Windows operating systems allows a malicious individual to exploit their elevated privileges.

The vulnerability of the Windows Update Delivery Optimization service in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7CVSS5.5AI score0.00728EPSS
Exploits0References2
OSV
OSV
added 2018/10/24 7:29 p.m.3 views

CVE-2018-15442

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this...

7.8CVSS6AI score
Exploits0References5
Rows per page
Query Builder