Microsoft Windows Task Scheduler Security Feature Bypass

Posted by deepcore on May 16, 2020 – 9:23 pm

Compass Security identified a security feature bypass vulnerability in Microsoft Windows. Due to the absence of integrity verification requirements for the RPC protocol and in particular the Task Scheduler, a man-in-the-middle attacker can relay his victim’s NTLM authentication to a target of his choice over the RPC protocol. Provided the victim has administrative privileges on the target, the attacker can execute code on the remote target.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« ManageEngine AssetExplorer Authenticated Command Execution ACal 2.2.6 Remote Code Execution »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Microsoft Windows Task Scheduler Security Feature Bypass

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL