CVSS: 7.8EPSS: 90%CPEs: 5EXPL: 21CVE-2021-36934 – Microsoft Windows SAM Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-36934
22 Jul 2021 —
An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
An attacker must have the ability to execute code on a victim system to exploit this vulnera... • https://packetstorm.news/files/id/164006 •
CVSS: 9.3EPSS: 58%CPEs: 19EXPL: 4CVE-2020-0787 – Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
https://notcve.org/view.php?id=CVE-2020-0787
12 Mar 2020 — An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'. Existe una vulnerabilidad de elevación de privilegios cuando el Windows Background Intelligent Transfer Service (BITS) maneja inapropiadamente los enlaces simbólicos, también se conoce como "Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerabilit... • https://packetstorm.news/files/id/158056 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •