Exploitation Summary
EIP tracks 2 public exploits for CVE-2020-1034. PoCs published by yardenshafir, GeorgiiFirsov.
AI-analyzed exploit summary This repository contains a privilege escalation PoC for CVE-2020-1034, targeting Windows 10 2004. The exploit manipulates ETW (Event Tracing for Windows) to modify token privileges, enabling local privilege escalation.
Description
<p>An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p> <p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory.</p>
Exploits (2)
This repository contains a privilege escalation PoC for CVE-2020-1034, targeting Windows 10 2004. The exploit manipulates ETW (Event Tracing for Windows) to modify token privileges, enabling local privilege escalation.
This repository contains a working exploit for CVE-2020-1034, a Windows Kernel Elevation of Privilege vulnerability. The exploit manipulates token privileges via ETW notifications to escalate privileges and spawn a command prompt with elevated permissions.
References (1)
Scores
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N