Lucene search
Vinhthp1712ZDI-22-1071HistoryAug 18, 2022 - 12:00 a.m.
(Pwn2Own) Microsoft Windows partmgr Improper Authorization Privilege Escalation Vulnerability
2022-08-1800:00:00
vinhthp1712
www.zerodayinitiative.com
24
0.001 Low
EPSS
Percentile
25.5%
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the partmgr.sys driver. The issue results from improper authorization logic when accessing SCSI file handles. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
Related
cve
cve
CVE-2022-33670
2022-08-09 20:15:10
mscve
mscve
Windows Partition Management Driver Elevation of Privilege Vulnerability
2022-08-09 07:00:00
prion
prion
Privilege escalation
2022-08-09 20:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-33670
2022-08-09 20:15:10
mskb
mskb
August 9, 2022âKB5016672 (Monthly Rollup)
2022-10-11 07:00:00
August 9, 2022âKB5016684 (Security-only update)
2022-10-11 07:00:00
August 9, 2022âKB5016683 (Security-only update)
2022-10-11 07:00:00
nessus
nessus
KB5016684: Windows Server 2012 Security Update (August 2022)
2022-08-09 00:00:00
KB5016639: Windows 10 LTS 1507 Security Update (August 2022)
2022-08-09 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5016681)
2022-08-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5016639)
2022-08-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5016623)
2022-08-10 00:00:00
kaspersky
kaspersky
KLA12603 Multiple vulnerabilities in Microsoft Products (ESU)
2022-08-09 00:00:00
KLA12602 Multiple vulnerabilities in Microsoft Windows
2022-08-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - August 2022
2022-08-09 19:34:51