A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt.
Metrics
Affected Vendors & Products
References
History
Wed, 02 Oct 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Microsoft
Microsoft windows 10 Microsoft windows 11 Microsoft windows Server 2016 Microsoft windows Server 2019 Microsoft windows Server 2022 |
|
CPEs | cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Microsoft
Microsoft windows 10 Microsoft windows 11 Microsoft windows Server 2016 Microsoft windows Server 2019 Microsoft windows Server 2022 |
|
References |
| |
Metrics |
ssvc
|
Thu, 26 Sep 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt. | |
Title | Medium to High Integrity Privilege Escalation in Microsoft Windows | |
Weaknesses | CWE-426 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Fortra
Published: 2024-09-26T20:18:38.460Z
Updated: 2024-10-02T17:12:48.256Z
Reserved: 2024-07-15T21:02:43.641Z
Link: CVE-2024-6769
Vulnrichment
Updated: 2024-09-26T20:45:24.498Z
NVD
Status : Awaiting Analysis
Published: 2024-09-26T21:15:07.787
Modified: 2024-11-21T09:50:16.560
Link: CVE-2024-6769
Redhat
No data.