CVE-2022-41120
Sysmon before 14.13 is affected by an Elevation of Privilege vulnerability (CVE-2022-41120) in the ClipboardChange/RPC path. A locally authenticated user can abuse Sysmon’s RPC/ClipboardChange handling to write/delete files in the C:\Sysmon directory (ArchiveDirectory) and escalate to SYSTEM by r...