Tag Archives: CSC

Trending vulnerabilities for June according to Positive Technologies

Trending vulnerabilities for June according to Positive Technologies. Traditionally, in 3 formats (in Russian):

📹 The section “Trending VM” in the SecLab news video (starts at 15:03)
🗞 Post on the Habr website, in fact this is a slightly expanded scenario for the “Trending VM” section
🗒 Compact digest with technical details on the official PT website

List of vulnerabilities:

🔻 EoP in Microsoft Windows CSC (CVE-2024-26229)
🔻 EoP in Microsoft Windows Error Reporting (CVE-2024-26169)
🔻 EoP in Microsoft Windows Kernel (CVE-2024-30088)
🔻 RCE in PHP (CVE-2024-4577)
🔻 EoP in Linux Kernel (CVE-2024-1086)
🔻 InfDisclosure in Check Point Security Gateways (CVE-2024-24919)
🔻 RCE in VMware vCenter (CVE-2024-37079, CVE-2024-37080)
🔻 AuthBypass in Veeam Backup & Replication (CVE-2024-29849)

На русском

The criticality of the Elevation of Privilege – Windows CSC Service vulnerability (CVE-2024-26229) has increased dramatically

Leave a reply

The criticality of the Elevation of Privilege – Windows CSC Service vulnerability (CVE-2024-26229) has increased dramatically. The vulnerability is from Microsoft’s April Patch Tuesday. In April, no one highlighted this vulnerability at all.

Microsoft wrote about it “Exploitation Less Likely”. All that was known was that if exploited successfully, the attacker could gain SYSTEM privileges.

But 2 months later, on June 10, an exploit appeared on GitHub. 🤷‍♂️ Surprise! The criticality of the vulnerability has increased dramatically.

Could this be somehow predicted? IMHO, not at all. Another confirmation that predicting trending vulnerabilities is, of course, good, but does not cancel regular unconditional patching according to the established SLA (AIT).

The author of the exploit clarified the CWE of the vulnerability.

It was: CWE-122 – Heap-based Buffer Overflow

It became: CWE-781 – Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code

На русском

This is my personal blog. The opinions expressed here are my own and not of my employer. All product names, logos, and brands are property of their respective owners. All company, product and service names used here for identification purposes only. Use of these names, logos, and brands does not imply endorsement. You can freely use materials of this site, but it would be nice if you place a link on https://avleonov.com and send message about it at me@avleonov.com or contact me any other way.

Alexander V. Leonov

Vulnerability Management and more

Tag Archives: CSC

Trending vulnerabilities for June according to Positive Technologies

The criticality of the Elevation of Privilege – Windows CSC Service vulnerability (CVE-2024-26229) has increased dramatically