Published: 15/12/2021 Updated: 12/07/2022

CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8

CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6

VMScore: 535

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 10 -
microsoft windows 10 1607
microsoft windows server 2008 r2
microsoft windows 7 -
microsoft windows server 2012 r2
microsoft windows server 2016 -
microsoft windows rt 8.1 -
microsoft windows 10 20h2
microsoft windows 10 1809
microsoft windows 10 1909
microsoft windows 10 2004
microsoft windows 8.1 -
microsoft windows server 2016 2004
microsoft windows server 2012 -
microsoft windows server 2019 -
microsoft windows 10 21h1
microsoft windows 10 21h2
microsoft windows 11 -
microsoft windows server 20h2
microsoft windows server 2022

Cve-2022-26809 CVE-2022-26809 This repo just simply research for the CVE, for more detailed ananlysis,please refer here UPDATE:05/19 2022 This ananlyze hasn't been finished yet UPDATE:05/22 2022 HuanGMz Post and corelight blog show the real vulnerable point: OSF_CASSOCIATION::ProcessBindAckOrNak This vulnerability is triggered like CVE-2021-43893, when send the ESFRP

Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893)

Blank Space Blank Space is a refactoring of James Forshaw's original proof of concept for CVE-2021-43893, EFSRPC arbitrary file upload privilege escalation Blank Space can create arbitrary files on a remote host that is using unconstrained delegation if it isn't patched for CVE-2021-43893 File creation is done using the privileges of the remote user, so code executi

CVE-2022-26809 This repo just simply research for the CVE, for more detailed ananlysis,please refer here UPDATE:05/19 2022 This ananlyze hasn't been finished yet UPDATE:05/22 2022 HuanGMz Post and corelight blog show the real vulnerable point: OSF_CASSOCIATION::ProcessBindAckOrNak This vulnerability is triggered like CVE-2021-43893, when send the ESFRPC request to ls

Microsoft closes installer hole abused by Emotet malware, Google splats Chrome bug exploited in the wild

The Register • Chris Williams, Editor in Chief • 15 Dec 2021

Get our weekly newsletter Round off the year with a large crop of fixes for programming blunders

Patch Tuesday It's not just Log4j you need to worry about this week. It's the final Patch Tuesday of the year. If you haven't already installed these fixes, or started testing them ahead of deployment, now would be a good time before exploits are developed and deployed over the Christmas break. At least two of them – one in Windows AppX Installer and one in Chrome – are being exploited in the wild right now. Let's start with Microsoft, which put out a summary of its security updates here. Al...

CVE-2021-43893

Vulnerability Summary

Vulnerability Trend

Github Repositories

Recent Articles

References

Vulmon Search

About

Products

Connect