Lucene search
JeongOh Kyea with THEORIZDI-22-808HistoryJun 01, 2022 - 12:00 a.m.
Microsoft Windows DiagTrack Service Link Following Privilege Escalation Vulnerability
2022-06-0100:00:00
JeongOh Kyea with THEORI
www.zerodayinitiative.com
22
0.001 Low
EPSS
Percentile
25.4%
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DiagTrack service. By creating a symbolic link, an attacker can abuse the service to overwrite arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
Related
nvd
nvd
CVE-2022-24479
2022-04-15 19:15:10
prion
prion
Privilege escalation
2022-04-15 19:15:00
cvelist
cvelist
vulnrichment
vulnrichment
cve
cve
CVE-2022-24479
2022-04-15 19:15:10
mscve
mscve
nessus
nessus
KB5012591: Windows 10 version 1909 / Windows Server 1909 Security Update (April 2022)
2022-04-12 00:00:00
KB5012592: Windows 11 Security Update (April 2022)
2022-04-12 00:00:00
mskb
mskb
April 12, 2022âKB5012592 (OS Build 22000.613)
2022-04-12 08:00:00
April 12, 2022âKB5012591 (OS Build 18363.2212)
2022-04-12 08:00:00
April 12, 2022âKB5012596 (OS Build 14393.5066)
2022-04-12 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5012591)
2022-04-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5012592)
2023-08-08 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5012596)
2022-04-13 00:00:00
kaspersky
kaspersky
KLA12502 Multiple vulnerabilities in Microsoft Windows
2022-04-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - April 2022
2022-04-12 18:48:11