CVE-2010-2554

HIGH

Microsoft Windows Vista/Server 2008/7 Privilege Escalation via Registry Key ACL Misconfiguration

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-2554. PoCs published by Cesar Cerrudo.

AI-analyzed exploit summary The provided entry lacks actual exploit code and instead redirects to an external download link, which is a common tactic for suspicious or malicious repositories. No technical details or code snippets are included in the description.

Description

The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and impersonation, aka "Tracing Registry Key ACL Vulnerability."

Exploits (1)

exploitdb SUSPICIOUS VERIFIED
by Cesar Cerrudo · textlocalwindows
https://www.exploit-db.com/exploits/14610

The provided entry lacks actual exploit code and instead redirects to an external download link, which is a common tactic for suspicious or malicious repositories. No technical details or code snippets are included in the description.

Classification
Suspicious 90%
Attack Type
Lpe
Complexity
Theoretical
Reliability
Theoretical
Target: Microsoft Windows
No auth needed
Prerequisites: Local access to the target system
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12082

Scores

CVSS v3 7.8
EPSS 0.0192
EPSS Percentile 77.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-264
Status published
Products (3)
microsoft/windows_7
microsoft/windows_server_2008 (8 CPE variants)
microsoft/windows_vista (4 CPE variants)
Published Aug 11, 2010
Tracked Since Feb 18, 2026