Main Vulnerability Database Vulnerabilities #VU18580

Race condition in Windows - #VU18580

Published: May 23, 2019

Vulnerability identifier: #VU18580

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: N/A

CWE-ID: CWE-362

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Microsoft

Affected software:
Windows

Detailed vulnerability description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to a race condition in the way the Windows Error Reporting service is processing file permissions. A local user can create a hardlink to a privileged file and change its permission within a short timeframe.

Successful exploitation of the vulnerability may allow an attacker to grant write permissions to critical system files and escalate privileges on the system.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Sources

https://github.com/SandboxEscaper/polarbearrepo/tree/master/angrypolarbearbug2

Race condition in Windows - #VU18580

Detailed vulnerability description

Remediation

Sources

Please verify you're human