Medium to High Integrity Privilege Escalation in Microsoft Windows

FR-2024-002 - Medium to High Integrity Privilege Escalation in Microsoft Windows

Severity
Medium
Published Date
26-Sep-2024
Updated Date
26-Sep-2024
Vulnerabilities
CVE-2024-6769
 
Notes
Description

A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt.

 

Vulnerabilities

 
Medium to High Integrity Privilege Escalation in Microsoft Windows
Severity
Medium
CVE
CVE-2024-6769
CWE
CWE-426:Untrusted Search Path
Discovery Date
17-Nov-2023
CSSv3.1
6.7 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
Affected Products
Vulnerability Notes
Details

Timeline:

  • May 15, 2024 – Fortra reported this issue to Microsoft
  • June 25, 2024 – Fortra followed up with Microsoft.
  • June 27, 2024 – Microsoft responded to Fortra that they did not classify this as a vulnerability. The case was marked as complete.
  • July 10, 2024 – Fortra replied with a rebuttle document from the research involved in the process.
  • July 10, 2024 – Microsoft confirmed receipt of the document and shared it with an analyst, stating they would follow-up when a review was completed.
  • July 16, 2024 – Fortra informed Microsoft that 60-days had passed, but we would await a response from their analyst before disclosure.
  • August 13 – Fortra followed up with Microsoft to see if there was a response. 
 
References
 

Acknowledgements

Fortra would like to thank the following individuals:

  • Nicolás Economou
  • Ricardo Narvaja