7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.8 High
AI Score
Confidence
High
3.2 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:P/A:P
0.004 Low
EPSS
Percentile
72.9%
## Title: Windows 11 10.0.22000 - Backup service Privilege Escalation
## Author: nu11secur1ty
## Vendor: https://www.microsoft.com/
## Software: https://www.microsoft.com/en-us/software-download/windows11
## Reference: https://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-21752
## Description:
Windows 11 Pro build 10.0.22000 Build 22000 suffers from Backup
service - Privilege Escalation vulnerability.
An attacker who successfully exploited this vulnerability could gain
SYSTEM privileges.
and could delete data that could include data that results in the
service being unavailable.
## STATUS: HIGH Vulnerability - CRITICAL
[+] Exploit:
[href](https://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-21752/PoC)
## Reference:
[href](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21752)
## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-21752/PoC)
## Proof and Exploit:
[href](https://streamable.com/f2dl3m)
--
System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at https://packetstormsecurity.com/
https://cve.mitre.org/index.html https://0day.today/
https://cxsecurity.com/ and https://www.exploit-db.com/
home page: https://www.nu11secur1ty.com/
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=
nu11secur1ty <http://nu11secur1ty.com/>
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.8 High
AI Score
Confidence
High
3.2 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:P/A:P
0.004 Low
EPSS
Percentile
72.9%