poc does not work even with all conditions satisfied

[aimhighstayhigh]

as per screenshot, using bthserv as an example, the svchost.exe (PID 1408) hosting bthserv service is running as local service, not protected and has SeImpersonatePrivilege but still has error "CreateProcessAsUserW failed with error 5"

windows version verified to be before patch, and appid.sys is running

kindly advise, thank you

[Nero22k]

Either change the permissions on your "user" folder or just put your exploit in "Public" folder.

https://github.com/Nero22k/Exploits/blob/eebe7b50509a8974f3821c9102bded04730114a1/Windows/CVE-2024-21338/CVE-2024-21338/main.c#L93