Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2024-30051 — Windows DWM Heap Overflow EoP · Master's Thes...

Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild

While analyzing the CVE-2021-1732 exploit originally discovered by the DBAPPSecurity Threat Intelligence Center and used by the BITTER APT group, we discovered another zero-day exploit we believe is linked to the same actor. We reported this new exploit to Microsoft in February and after...