PATCHAPALOOZA-Adrien_CHAMUSSY/cve-2023-36874

PATCHAPALOOZA WORKING POC

Exploit for CVE-2023-36874 - Windows Error Reporting Service - Privilege Escalation

AI Analysis

This repository contains a functional exploit for CVE-2023-36874, leveraging symbolic link manipulation and COM object interactions to achieve local privilege escalation. The exploit creates a malicious WER report and manipulates directory objects to escalate privileges.

Attack Type

LPE

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548 - Abuse Elevation Control Mechanism

Loading exploit code...

Download ZIP Password: eip

Source

Platform Patchapalooza

Type local

Files 11

https://gitlab.com/Adrien_CHAMUSSY/cve-2023-36874

Authors

Adrien_CHAMUSSY

Vulnerability

CVE-2023-36874

Windows Error Reporting Service - Privilege Escalation

HIGH KEV

CVSS 7.8