15 matches found
VulnCheck KEV: CVE-2019-1405
A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation...
Microsoft UPnP - Local Privilege Elevation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/common' require 'msf/core/post/file' require 'msf/core/post/windows/priv' require 'msf/core/post/windows/registry' require 'msf/core/exploit/exe'...
Microsoft UPnP Local Privilege Elevation Exploit
This Metasploit module exploits two vulnerabilities to execute a command as an elevated user. The first CVE-2019-1405 uses the UPnP Device Host Service to elevate to NT AUTHORITY\LOCAL SERVICE. The second CVE-2019-1322 leverages the Update Orchestrator Service to elevate from NT AUTHORITY\LOCAL...
Microsoft UPnP Local Privilege Elevation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/common' require 'msf/core/post/file' require 'msf/core/post/windows/priv' require 'msf/core/post/windows/registry' require 'msf/core/exploit/exe'...
Microsoft UPnP Local Privilege Elevation Vulnerability
This exploit uses two vulnerabilities to execute a command as an elevated user. The first CVE-2019-1405 uses the UPnP Device Host Service to elevate to NT AUTHORITY\LOCAL SERVICE The second CVE-2019-1322 leverages the Update Orchestrator Service to elevate from NT AUTHORITY\LOCAL SERVICE to NT...
CVE-2019-1405
creationtimestamp| type| source ---|---|--- 2019-11-14 15:02:06+00:00| seen| https://t.me/canyoupwnme/6135 2019-11-15 19:29:39+00:00| published-proof-of-concept| https://t.me/canyoupwnme/6143 2019-11-16 12:53:34+00:00| published-proof-of-concept| https://t.me/DC8044Info/473 2019-12-18...
Microsoft Windows 10 Build 1803 < 1903 - (COMahawk) Local Privilege Escalation Exploit
EDB Note Download: - https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47684-1.exe - https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47684-2.zip COMahawk Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322 Video Dem...
Microsoft Windows 10 Build 1803 < 1903 - 'COMahawk' Local Privilege Escalation
EDB Note Download: - https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47684-1.exe - https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47684-2.zip COMahawk Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322 Video Demo...
Microsoft Windows 10 Build 1803 1903 - COMahawk Local Privilege Escalation
Microsoft Windows 10 Build 1803 1903 - COMahawk Local Privilege Escalation EDB Note Download: - https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47684-1.exe - https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47684-2.zip COMahawk...
Microsoft Windows Multiple Vulnerabilities (KB4523205)
This host is missing a critical security update according to Microsoft KB4523205 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...
Microsoft Windows Multiple Vulnerabilities (KB4525237)
This host is missing a critical security update according to Microsoft KB4525237 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...
CVE-2019-1405
CVE-2019-1405 is a local privilege-escalation flaw in the Windows UPnP service where improper handling allows COM object creation. Root cause per the connected CISA KEV entry is improper COM object creation by the UPnP service, enabling elevation of privileges. The CVSSv3.1 metrics in the initial...
CVE-2019-1405
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play UPnP service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'...
CVE-2019-1405
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play UPnP service improperly allows COM object creation, aka ‘Windows UPnP Service Elevation of Privilege Vulnerability’. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...
Microsoft Windows UPnP Service CVE-2019-1405 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Window...