Open dledda-r7 opened 2 months ago
Hello :wave:
Want to pick this one up. Please assign it to me..
Hello @3V3RYONE, did you had the chance to work on that?
Hi @dledda-r7 , I was able to use the exploit in a target system. Right now, understanding how to put a module in Metasploit for this. Will ask in Slack. Thanks for checking upon!
Apologies for the delay, please feel free to let me know if this is needed urgently.
Hello @3V3RYONE, no worries, there is no rush. I just wanted to know if you were working on that or not, otherwise I could spend some time next week. Happy to see you had good progress!
Summary
Crowdefense recently shared a PoC for a LPE in Windows.
Resources: https://www.crowdfense.com/windows-applocker-driver-lpe-vulnerability-cve-2024-21338/ https://nvd.nist.gov/vuln/detail/CVE-2024-21338