skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

CVE-2022-24547: New Windows Privilege Escalation Vulnerability Identified

/ 1 min read

🗂️ New Privilege Escalation Vulnerability Discovered in Microsoft Windows. CVE-2022-24547 is a privilege escalation vulnerability found in CastSrv.exe, allowing attackers to bypass security measures and gain elevated privileges on Windows 10 systems. The vulnerability arises from improper permissions and unchecked folder creation, enabling attackers to create arbitrary folders within another user’s account. Exploitation requires the attacker to be on the same system as the targeted user, with an active session. Suggested mitigations include restricting folder creation and validating symbolic links. Although the author did not successfully exploit the vulnerability, the research provided valuable insights into security and exploit development. For further details, refer to the original article.

Source
{entry.data.source.title}
Original