Описание
An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations, aka 'Task Scheduler Elevation of Privilege Vulnerability'.
An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations, aka 'Task Scheduler Elevation of Privilege Vulnerability'.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-1069
- https://blog.0patch.com/2019/06/another-task-scheduler-0day-another.html
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1069
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1069
- https://www.kb.cert.org/vuls/id/119704
Связанные уязвимости
An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. To exploit the vulnerability, an attacker would require unprivileged code execution on a victim system. The security update addresses the vulnerability by correctly validating file operations.
Уязвимость функции SetJobFileSecurityByName планировщика заданий Task Scheduler операционных систем Windows, позволяющая нарушителю повысить свои привилегии