- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 44697
- Проверка EDB
-
- Пройдено
- Автор
- CAN BöLüK
- Тип уязвимости
- LOCAL
- Платформа
- WINDOWS
- CVE
- cve-2018-8897
- Дата публикации
- 2018-05-22
Microsoft Windows - 'POP/MOV SS' Privilege Escalation
Код:
Demo exploitation of the POP SS vulnerability (CVE-2018-8897), leading to unsigned code execution with kernel privilages.
- KVA Shadowing should be disabled and the relevant security update should be uninstalled.
- This may not work with certain hypervisors (like VMWare), which discard the pending #DB after INT3.
Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/44697.zip- Источник
- www.exploit-db.com
