Exploitation Summary
EIP tracks 1 public exploit for CVE-2018-0880. PoCs published by Google Security Research.
AI-analyzed exploit summary This PowerShell script exploits CVE-2018-0880 by manipulating the Desktop Bridge virtual registry to create arbitrary files as SYSTEM, leading to privilege escalation. It uses mount points and symbolic links to redirect registry hive log file creation to a writable location.
Description
The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0882.
Exploits (1)
This PowerShell script exploits CVE-2018-0880 by manipulating the Desktop Bridge virtual registry to create arbitrary files as SYSTEM, leading to privilege escalation. It uses mount points and symbolic links to redirect registry hive log file creation to a writable location.
References (4)
Scores
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H