Lucene search
Abdelhamid NaceriZDI-21-1161HistoryOct 14, 2021 - 12:00 a.m.
Microsoft Windows AppX Deployment Service Directory Junction Privilege Escalation Vulnerability
2021-10-1400:00:00
Abdelhamid Naceri
www.zerodayinitiative.com
8
0.0005 Low
EPSS
Percentile
16.0%
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX Deployment Service. By creating a directory junction, an attacker can abuse the service to delete the contents of a chosen directory. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
Related
cvelist
cvelist
nvd
nvd
CVE-2021-41347
2021-10-13 01:15:13
prion
prion
Privilege escalation
2021-10-13 01:15:00
mscve
mscve
Windows AppX Deployment Service Elevation of Privilege Vulnerability
2021-10-12 07:00:00
cve
cve
CVE-2021-41347
2021-10-13 01:15:13
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5006669)
2021-10-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5006675)
2021-10-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5006667)
2021-10-13 00:00:00
nessus
nessus
KB5006669: Windows 10 Version 1607 and Windows Server 2016 Security Update (October 2021)
2021-10-12 00:00:00
KB5006675: WWindows 10 version 1507 LTS Security Update (October 2021)
2021-10-12 00:00:00
KB5006674: Windows 11 Security Update (October 2021)
2021-10-12 00:00:00
mskb
mskb
October 12, 2021âKB5006675 (OS Build 10240.19086) - EXPIRED
2021-10-12 07:00:00
October 12, 2021âKB5006669 (OS Build 14393.4704) - EXPIRED
2021-10-12 07:00:00
October 12, 2021âKB5006667 (OS Build 18363.1854)
2021-10-12 07:00:00
kaspersky
kaspersky
KLA12310 Multiple vulnerabilities in Microsoft Windows
2021-10-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - October 2021
2021-10-12 19:47:16