Main Vulnerability Database Exploits ID:12702 - Exploit for Permissions, Privileges, and Access Controls in Windows and Windows Server

ID:12702 - Exploit for Permissions, Privileges, and Access Controls in Windows and Windows Server

Published: May 13, 2026

Vulnerability identifier: #VU131349

Vulnerability risk: Low

CVE-ID: N/A

CWE-ID: CWE-264

Exploitation vector: Local access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://github.com/Nightmare-Eclipse/GreenPlasma

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an error in Windows CTFMON. A local unprivileged user can create an arbitrary memory section object in any directory object, writable by SYSTEM, and execute arbitrary code with SYSTEM privileges.

The vulnerability was dubbed GreenPlasma by its researcher.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:12702 - Exploit for Permissions, Privileges, and Access Controls in Windows and Windows Server

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human