CVE-2010-3888

EXPLOITED IN THE WILD

Microsoft Windows - Privilege Escalation

Title source: llm

Exploitation Summary

CVE-2010-3888 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 2 public exploits from researchers including Metasploit, webDEViL.

AI-analyzed exploit summary This Metasploit module exploits CVE-2010-3338, a privilege escalation vulnerability in Windows Task Scheduler 2.0. It manipulates task files by creating a CRC32 collision to execute arbitrary commands with SYSTEM privileges.

Description

Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified by Kaspersky Lab researchers and other researchers.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/19930

View Code ZIP pw:eip

This Metasploit module exploits CVE-2010-3338, a privilege escalation vulnerability in Windows Task Scheduler 2.0. It manipulates task files by creating a CRC32 collision to execute arbitrary commands with SYSTEM privileges.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Windows Task Scheduler 2.0 (Windows Vista, 7, and 2008)

Auth required

Prerequisites: Local access to the target system · Ability to create and modify task files

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by webDEViL · localwindows

https://www.exploit-db.com/exploits/15589

View Code ZIP pw:eip

This exploit leverages a privilege escalation vulnerability in Windows Task Scheduler by manipulating the CRC-32 checksum of a scheduled task file to execute arbitrary commands with elevated privileges. It creates a malicious task that adds a new administrator user and then deletes the task.

Classification

Working Poc 95%