Windows | Core Security

An elevation of privilege vulnerability exists due to the Windows kernel improperly validating input passed from user mode to the kernel. The vulnerability could allow an attacker to run code with elevated privileges.

PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal. This module tries to determine remotely, if the target host is either vulnerable to CVE-2023-39143 or not.

This module exploits an SQL injection to deploy an agent in Progress MOVEit Transfer. The vulnerability is in the UserCheckClientCert function of MOVEit.DMZ.ClassLib.UserEngine class. The deployed agent will run with moveitsvc user privileges.

Foxit PDF Reader, in an oversight, exposes a JavaScript interface capable of writing arbitrary files. This mishap is what makes the software susceptible to attacks. An adversary can manipulate this vulnerability to execute code within the context of the current user, thereby gaining unauthorized control over the system. The vulnerable method is exportXFAData. This exploit will write the agent to the startup folder. This means that the user must logoff and login again in order to execute the agent.

The specific flaw exists within the Tablet Service. By creating a symbolic link, an attacker can abuse the service to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

This module triggers a heap-based buffer overflow vulnerability in the DHCP service by sending a malformed DHCPv6 Relay-forward message.

This module exploits an SQL injection to deploy an agent in Progress MOVEit Transfer. The vulnerability is in the UserGetUsersWithEmailAddress function of UserEngine class. The deployed agent will run with moveitsvc user privileges.

Subscribe to Windows

Privacy Policy

Cookie Policy

Terms of Service

Accessibility

Impressum