Описание
An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.
To exploit the vulnerability, an attacker would first have to gain execution on the victim system, then run a specially crafted application.
The security update addresses the vulnerability by correcting how the Connected User Experiences and Telemetry Service handles file operations.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
6.6 Medium
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
Связанные уязвимости
Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'.
Уязвимость служб Connected User Experiences и Telemetry Service операционных систем Windows , позволяющая повысить свои привилегии и выполнить произвольный код
EPSS
6.6 Medium
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2