ZDI-23-1552: Microsoft Windows UMPDDrvPlgBlt Type Confusion Local Privilege Escalation Vulnerability - Cyber Security News

Read Time:19 Second

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple active monitors. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-36594.

More Stories

USN-7408-4: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7408-3: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7421-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7420-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7406-5: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7418-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute...