Vulnerability Note VU#906424
Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC interface
Overview
Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges.
Description
Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges. We have confirmed that the public exploit code works on 64-bit Windows 10 and Windows Server 2016 systems. Compatibility with other Windows versions may be possible with modification of the publicly-available exploit source code. |
Impact
A local user may be able to gain elevated (SYSTEM) privileges. |
Solution
The CERT/CC is currently unaware of a practical solution to this problem. |
Vendor Information (Learn More)
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Microsoft | Affected | 27 Aug 2018 | 27 Aug 2018 |
CVSS Metrics (Learn More)
| Group | Score | Vector |
|---|---|---|
| Base | 6.8 | AV:L/AC:L/Au:S/C:C/I:C/A:C |
| Temporal | 6.5 | E:F/RL:U/RC:C |
| Environmental | 6.4 | CDP:ND/TD:H/CR:ND/IR:ND/AR:ND |
References
Credit
This issue was publicly disclosed by SandboxEscaper.
This document was written by Will Dormann.
Other Information
- CVE IDs: Unknown
- Date Public: 27 Aug 2018
- Date First Published: 27 Aug 2018
- Date Last Updated: 28 Aug 2018
- Document Revision: 11
Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.