An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.
The srv2.sys driver exposes functionality that allows low-privileged users to write arbitrary memory via specially crafted packet and elevate system privileges.
An arbitrary privileged file move operation exists in Microsoft Windows Service Tracing. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
An elevation of privilege vulnerability exists when MSI packages process symbolic links.
An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting unprotected COM calls.
An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting unprotected COM calls.
The CorsairLLAccess64.sys driver before 3.25.60 in CORSAIR iCUE exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges.
This module uses ioctls to Read/Write to/from IO Ports and generate a reboot
This module exploits a win32k component vulnerability This can be exploited to execute arbitrary code with System privileges. It is working until KB4507004 update 2019/07/08 it is patched in KB4507449 Security Monthly Quality Rollup for Windows 7 x64-based Systems 2019/07/09
The vulnerability allows read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection.