CVE-2023-21752

HIGH

Windows Backup Service - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2023-21752. PoCs published by nu11secur1ty, Wh04m1001, yosef0x01.

AI-analyzed exploit summary This is a writeup describing a privilege escalation vulnerability in Windows 11 Pro build 10.0.22000. The vulnerability allows an attacker to gain SYSTEM privileges by exploiting the Backup service.

Description

Windows Backup Service Elevation of Privilege Vulnerability

Exploits (3)

exploitdb WRITEUP

by nu11secur1ty · textlocalwindows

https://www.exploit-db.com/exploits/51203

View Code ZIP pw:eip

This is a writeup describing a privilege escalation vulnerability in Windows 11 Pro build 10.0.22000. The vulnerability allows an attacker to gain SYSTEM privileges by exploiting the Backup service.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Theoretical

Target: Windows 11 Pro build 10.0.22000

Auth required

Prerequisites: Access to a vulnerable Windows 11 system · Local user privileges

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC 323 stars

by Wh04m1001 · poc

https://github.com/Wh04m1001/CVE-2023-21752

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2023-21752, an arbitrary file delete vulnerability in the Windows Backup service. It includes two versions: one for arbitrary file deletion and another attempting to spawn an elevated command shell via symbolic link manipulation.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Racy

Target: Windows Backup Service (SDRsvc)

No auth needed

Prerequisites: Access to a vulnerable Windows system · Ability to execute arbitrary code on the target system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1222 - File and Directory Permissions Modification

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec STUB

by yosef0x01 · poc

https://github.com/yosef0x01/CVE-2023-21752

View Code ZIP pw:eip

The repository contains only a README.md file with the CVE identifier and no exploit code or technical details. It appears to be a placeholder or incomplete submission.

Classification

Stub 10%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: unknown

No auth needed

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21752

Scores

CVSS v3 7.1

EPSS 0.3793

EPSS Percentile 97.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-284

Status published

Products (10)

microsoft/windows_10

microsoft/windows_10 20h2

microsoft/windows_10 21h2

microsoft/windows_10 22h2

microsoft/windows_10 1607

microsoft/windows_10 1809

microsoft/windows_11 (2 CPE variants)

microsoft/windows_11 21h2 (2 CPE variants)

microsoft/windows_11 22h2 (2 CPE variants)

microsoft/windows_7

Published Jan 10, 2023

Tracked Since Feb 18, 2026