Описание
Windows Kernel Elevation of Privilege Vulnerability
FAQ
According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
This vulnerability could lead to a contained execution environment escape. Please refer to AppContainer Isolation for more information.
How could an attacker exploit this vulnerability?
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.
What privileges could an attacker gain with a successful exploitation?
An attacker who successfully exploited this vulnerability could gain unauthorized access to system resources, potentially allowing them to perform actions with the same privileges as the compromised process.
This could lead to further system compromise and unauthorized actions within the network.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows Server 2022 | ||
| Windows Server 2022 (Server Core installation) | ||
| Windows Server 2022, 23H2 Edition (Server Core installation) |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
8.8 High
CVSS3
Связанные уязвимости
Windows Kernel Elevation of Privilege Vulnerability
Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии
EPSS
8.8 High
CVSS3