CVE-2024-26229
"Microsoft Windows CSC Service Privilege Escalation Vulnerability"
Description
Windows CSC Service Elevation of Privilege Vulnerability
INFO
Published Date :
April 9, 2024, 5:15 p.m.
Last Modified :
April 10, 2024, 1:24 p.m.
Source :
[email protected]
Remotely Exploitable :
No
Impact Score :
5.9
Exploitability Score :
1.8
Public PoC/Exploit Available at Github
CVE-2024-26229 has a 17 public PoC/Exploit
available at Github.
Go to the Public Exploits
tab to see the list.
Affected Products
The following products are affected by CVE-2024-26229
vulnerability.
Even if cvefeed.io
is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-26229
.
URL | Resource |
---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26229 |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
None
A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user
CMake C C++ Makefile Python
DRiver
C
Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling without admin permissions or kernel drivers.
C++ C
Windows CSC服务特权提升漏洞。 当程序向缓冲区写入的数据超出其处理能力时,就会发生基于堆的缓冲区溢出,从而导致多余的数据溢出到相邻的内存区域。这种溢出会损坏内存,并可能使攻击者能够执行任意代码或未经授权访问系统。本质上,攻击者可以编写触发溢出的恶意代码或输入,从而控制受影响的系统、执行任意命令、安装恶意软件或访问敏感数据。 微软已发出警告成功利用此漏洞的攻击者可以获得 SYSTEM 权限,这是 Windows 系统上的最高访问级别。这增加了与 CVE-2024-26229 相关的风险,使其成为恶意行为者的主要目标。
BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel
C
A PoC malware exploiting CVE-2024-26229
cve-2024-26229 malware
C
Windows CSC Service Elevation of Privilege Vulnerability
C
BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel
C
DRive a poc backdoor exploiting CVE-2024-26229 for privilege escalation and persistence
C
None
Windows LPE
C
CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
C
Latest CVEs with their Proof of Concept exploits.
Python
awesome game security [Welcome to PR]
game awesome cheat anticheat windows debug antidebug engine security anti driver kernel gameengine hack gamehack system android cpp game-development dbg
Python
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-26229
vulnerability anywhere in the article.
- Kaspersky
Exploits and vulnerabilities in Q2 2024
Q2 2024 was eventful in terms of new interesting vulnerabilities and exploitation techniques for applications and operating systems. Attacks through vulnerable drivers have become prevalent as a gener ... Read more
The following table lists the changes that have been made to the
CVE-2024-26229
vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Modified by [email protected]
May. 14, 2024
Action Type Old Value New Value -
CVE Received by [email protected]
Apr. 09, 2024
Action Type Old Value New Value Added Description Windows CSC Service Elevation of Privilege Vulnerability Added Reference Microsoft Corporation https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26229 [No types assigned] Added CWE Microsoft Corporation CWE-122 Added CVSS V3.1 Microsoft Corporation AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-26229
is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-26229
weaknesses.