CVE-2024-20656

HIGH

Visual Studio - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-20656. PoCs published by Wh04m1001.

AI-analyzed exploit summary This repository contains functional exploit code for CVE-2024-20656, demonstrating an oplock-based vulnerability in Windows. The code manipulates file handles and oplocks to achieve privilege escalation, targeting specific system directories and processes.

Description

Visual Studio Elevation of Privilege Vulnerability

Exploits (1)

nomisec WORKING POC 137 stars

by Wh04m1001 · poc

https://github.com/Wh04m1001/CVE-2024-20656

View Code ZIP pw:eip

This repository contains functional exploit code for CVE-2024-20656, demonstrating an oplock-based vulnerability in Windows. The code manipulates file handles and oplocks to achieve privilege escalation, targeting specific system directories and processes.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Complex

Reliability

Reliable

Target: Microsoft Windows (specific version not specified)

No auth needed

Prerequisites: Access to a vulnerable Windows system · Ability to execute arbitrary code on the target system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548.002 - Bypass User Account Control

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Patch, Vendor Advisory vendor-advisory

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20656

Scores

CVSS v3 7.8

EPSS 0.0391

EPSS Percentile 88.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-59

Status published

Products (4)

microsoft/visual_studio 2015 update3

microsoft/visual_studio_2017 15.0 - 15.9.59

microsoft/visual_studio_2019 16.0 - 16.11.33

microsoft/visual_studio_2022 17.2 - 17.2.23

Published Jan 09, 2024

Tracked Since Feb 18, 2026