CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21725 – Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21725
Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability Vulnerabilidad que permite realizar una escalada de privilegios a través de la herramienta de eliminación de software malicioso de Windows (MSRT) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21725 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-0733
https://notcve.org/view.php?id=CVE-2020-0733
An elevation of privilege vulnerability exists when the Windows Malicious Software Removal Tool (MSRT) improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability'. Se presenta una vulnerabilidad de elevación de privilegios cuando la Windows Malicious Software Removal Tool (MSRT) maneja inapropiadamente las uniones. Para explotar esta vulnerabilidad, un atacante primero tendría que obtener la ejecución sobre el sistema víctima, también se conoce como "Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0733 •