漏洞简介
Microsoft流式处理代理权限提升漏洞(CVE-2023-36802):Windows 多媒体框架服务中的组件Microsoft KernelStreaming Server(mskssrv.sys)中存在对象类型混淆漏洞,通过该漏洞,具有低权限的本地攻击者可以在越界内存上执行流对象操作,从而在内核中执行恶意代码,最终可以将权限提升至SYSTEM。
测试版本
Win11 20H2成功
Win2019 成功
其它版本自行测试
EXP使用
CVE-2023-36802 whoami
CVE-2023-36802 "net user k8gege 123456 /add"
影响版本
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
链接
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36802
https://github.com/Nero22k/cve-2023-36802/tree/main
推荐站内搜索:最好用的开发软件、免费开源系统、渗透测试工具云盘下载、最新渗透测试资料、最新黑客工具下载……
还没有评论,来说两句吧...