Main Vulnerability Database Exploits ID:1524 - Exploit for Privilege escalation in Windows and Windows Server - CVE-2018-8440

ID:1524 - Exploit for Privilege escalation in Windows and Windows Server - CVE-2018-8440

Published: March 18, 2020

Vulnerability identifier: #VU14547

Vulnerability risk: Medium

CVE-ID: CVE-2018-8440

CWE-ID: CWE-264

Exploitation vector: Local access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/windows/local/alpc_taskscheduler

Vulnerability description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists due to ALPC access control flaw. A local attacker can create a hard link from a readable file on the system to a '.job' file in the 'c:\windows\tasks' directory, invoke the _SchRpcSetSecurity() method of the task scheduler service ALPC endpoint to overwrite the linked file and gain system level privileges on the target system. The vulnerability was dubbed "SendboxEscaper".

Note: the vulnerability is being exploited in the wild by the PowerPool group.

Remediation

Install update from vendor's website.

ID:1524 - Exploit for Privilege escalation in Windows and Windows Server - CVE-2018-8440

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human