The vulnerability allows read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection.
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.
Gets SYSTEM privileges exploiting two vulnerabilities (CVE-2019-1405 / CVE-2019-1322). The first one allows us to get NT AUTHORITY/SERVICE using a method of a COM Object from UPnP Device Host Service. Then, with NT AUTHORITY/SERVICE privileges, we elevate to NT AUTHORITY/SYSTEM with CVE-2019-1322.
This module exploits a Check Point Endpoint Security Initial Client vulnerability that can execute arbitrary code with System privileges.
A stack-based buffer overflow in WECON LeviStudio HMI Editor allows an attacker to execute arbitrary code via crafted .UMP file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting an invalid pointer reference in Internet Explorer.
This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting an invalid pointer reference in Internet Explorer.
This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.