The Common Log File System Driver (clfs.sys) present in Microsoft Windows is vulnerable to a memory corruption vulnerability. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by creating a specially crafted BLF file.

The Ancillary Function Driver (AFD.sys) present in Microsoft Windows is vulnerable to an arbitrary memory overwrite. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by sending a specially crafted IOCTL to the vulnerable driver.

An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

This module uses NTLM reflection to achieve a SYSTEM handle for elevation of privilege.

This module can be used to perform a privilege escalation using a misconfiguration on the Object Authorities of a User profile.

This module exploits an Arbitrary File Deletion performed by an unprivileged user in any protected folder. Before deleting the file, this module backups the file in the user temp folder

A use-after-free flaw was found in route4_change in the net/sched/cls_route.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem.

The LenovoDiagnosticsDriver.sys driver in the HardwareScanPlugin of Lenovo Vantage before 1.3.0.5 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call such as MmMapIoSpace.

The vulnerability is an Arbitrary File Delete Write which can be used to achieve an agent with elevated privileges.

This module exploits an Arbitrary File Deletion performed by a normal user in protected folders