CVE-2018-0743

HIGH

Windows Subsystem for Linux <1709 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-0743. PoCs published by Saar Amar.

AI-analyzed exploit summary This exploit leverages a heap overflow vulnerability in the Windows kernel (CVE-2018-0743) to achieve local privilege escalation (LPE) by corrupting kernel memory structures and executing shellcode to elevate privileges to SYSTEM. The exploit uses a combination of pipe spraying, semaphore manipulation, and shared memory corruption to achieve arbitrary code execution in kernel mode.

Description

Windows Subsystem for Linux in Windows 10 version 1703, Windows 10 version 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Subsystem for Linux Elevation of Privilege Vulnerability".

Exploits (1)

exploitdb WORKING POC VERIFIED

by Saar Amar · clocalwindows

https://www.exploit-db.com/exploits/43962

View Code ZIP pw:eip

This exploit leverages a heap overflow vulnerability in the Windows kernel (CVE-2018-0743) to achieve local privilege escalation (LPE) by corrupting kernel memory structures and executing shellcode to elevate privileges to SYSTEM. The exploit uses a combination of pipe spraying, semaphore manipulation, and shared memory corruption to achieve arbitrary code execution in kernel mode.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Racy

Target: Microsoft Windows Kernel (versions affected by CVE-2018-0743)

Auth required

Prerequisites: Local access to the target system · Ability to execute arbitrary code with low privileges

MITRE ATT&CK