CVE-2022-34102

Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt...

CVE-2022-34100

A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a low-privileged user can gain a SYSTEM level command prompt by pre-staging a file structure prior to the installation of a trusted service executable and change permissions on that file...

Design/Logic Flaw

A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a low-privileged user can gain a SYSTEM level command prompt by pre-staging a file structure prior to the installation of a trusted service executable and change permissions on that file...

CVE-2022-34100

A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a low-privileged user can gain a SYSTEM level command prompt by pre-staging a file structure prior to the installation of a trusted service executable and change permissions on that file...

Microsoft Windows 8.1 Update 2 / 10 10586 (x86/x64) - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111)

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=865 Windows: NtLoadKeyEx User Hive Attachment Point EoP Platform: Windows 10 10586 32/64 and 8.1 Update 2, not tested Windows 7 Class: Elevation of Privilege Summary: The NtLoadKeyEx system call allows an unprivileged user to loa...