CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21725 – Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21725
10 Jan 2023 — Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability Vulnerabilidad que permite realizar una escalada de privilegios a través de la herramienta de eliminación de software malicioso de Windows (MSRT) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21725 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-0733
https://notcve.org/view.php?id=CVE-2020-0733
11 Feb 2020 — An elevation of privilege vulnerability exists when the Windows Malicious Software Removal Tool (MSRT) improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability'. Se presenta una vulnerabilidad de elevación de privilegios cuando la Windows Malicious Software Removal Tool (MSRT) maneja inapropiadamente las uniones. Para explotar esta vulnerabilidad, un ataca... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0733 •