12 matches found
CVE-2022-26904 Windows User Profile Service Elevation of Privilege Vulnerability
...
CVE-2022-26904
CVE-2022-26904 is a Windows User Profile Service Elevation of Privilege vulnerability. The issue is a race-condition–driven LPE in the User Profile Service, with attacker-controlled code execution at SYSTEM granted by bypasses and PoCs described in public sources. A Metasploit module exists for t...
Microsoft Patch Tuesday April 2022 addressed two zero-day vulnerabilities
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Microsoft addressed 128 vulnerabilities in there April patch Tuesday update. Two of them have been categorized as zero-day vulnerabilities. One of the two zero-days is exploited-in-the-wild as well. The vulnerability,...
Microsoft Issues Patches for 2 Windows Zero-Days and 126 Other Vulnerabilities
Microsoft's Patch Tuesday updates for the month of April have addressed a total of 128 security vulnerabilities spanning across its software product portfolio, including Windows, Defender, Office, Exchange Server, Visual Studio, and Print Spooler, among others. 10 of the 128 bugs fixed are rated...
User Profile Arbitrary Junction Creation Local Privilege Elevation
The user profile service, identified as ProfSrv, is vulnerable to a local privilege elevation vulnerability in its CreateDirectoryJunction function due to a lack of appropriate checks on the directory structure of the junctions it tries to link together. Attackers can leverage this vulnerability ...
Windows User Profile Service Privlege Escalation Exploit
The user profile service, identified as ProfSrv, is vulnerable to a local privilege elevation vulnerability in its CreateDirectoryJunction function due to a lack of appropriate checks on the directory structure of the junctions it tries to link together. Attackers can leverage this vulnerability ...
KB5012670: Windows 8.1 and Windows Server 2012 R2 Security Update (April 2022)
The remote Windows host is missing security update 5012639 or cumulative update 5012670. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-24474, CVE-2022-24481, CVE-2022-24494,...
KB5012666: Windows Server 2012 Security Update (April 2022)
The remote Windows host is missing security update 5012666 or cumulative update 5012650. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
KB5012653: Windows 10 version 1507 LTS Security Update (April 2022)
The remote Windows host is missing security update 5012653. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-26798, CVE-2022-26801, CVE-2022-26786, CVE-2022-24549, CVE-2022-26794,...
KB5012632: Windows Server 2008 Security Update (April 2022)
The remote Windows host is missing security update 5012632 or cumulative update 5012658. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
Metasploit Wrap-Up
Windows Local Privilege Escalation for standard users In this week’s release, we have an exciting new module that has been added by our very own Grant Willcox which exploits CVE-2022-26904, and allows for normal users to execute code as NT AUTHORITY/SYSTEM on Windows machines from Windows 7 up to...
CVE-2022-26904
creationtimestamp| type| source ---|---|--- 2022-03-28 11:00:54+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/5692 2022-04-11 20:28:05+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve202226904superprofile.rb...