Local DCOM DCE/RPC connections can be reflected back to a listening TCP socket allowing access to an NTLM authentication challenge for LocalSystem user which can be replayed to the local DCOM activation service. An attacker who successfully exploited this vulnerability could bypass security and gain elevated privileges on a targeted system. In order to successfully exploit this vulnerability, the source agent must be running in the context of a Windows service application, as the module require special permissions to create a new agent with elevated privileges.
CVE Link
Exploit Platform
Exploit Type
Product Name