ID:6337 - Exploit for Privilege escalation in Microsoft products - CVE-2018-0952

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:6337 - Exploit for Privilege escalation in Microsoft products - CVE-2018-0952

ID:6337 - Exploit for Privilege escalation in Microsoft products - CVE-2018-0952

Published: June 17, 2021


Vulnerability identifier: #VU14409
Vulnerability risk: Low
CVE-ID: CVE-2018-0952
CWE-ID: CWE-264
Exploitation vector: Local access
Vulnerable software:
Windows
Windows Server
Visual Studio

Link to public exploit:


Vulnerability description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists due to Diagnostics Hub Standard Collector allows to create files in arbitrary locations. A local attacker can run a specially crafted application and execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


Remediation

Install updates from vendor's website.