An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka Windows ALPC Elevation of Privilege Vulnerability. This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.
Weakness
The product checks the state of a resource before using that resource, but the resource’s state can change between the check and the use in a way that invalidates the results of the check.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Windows_10 | Microsoft | - (including) | - (including) |
| Windows_10 | Microsoft | 1607 (including) | 1607 (including) |
| Windows_10 | Microsoft | 1703 (including) | 1703 (including) |
| Windows_10 | Microsoft | 1709 (including) | 1709 (including) |
| Windows_10 | Microsoft | 1803 (including) | 1803 (including) |
| Windows_10 | Microsoft | 1809 (including) | 1809 (including) |
| Windows_server_2016 | Microsoft | - (including) | - (including) |
| Windows_server_2016 | Microsoft | 1709 (including) | 1709 (including) |
| Windows_server_2016 | Microsoft | 1803 (including) | 1803 (including) |
| Windows_server_2019 | Microsoft | - (including) | - (including) |
Potential Mitigations
Related Attack Patterns
References
- http://www.securityfocus.com/bid/105808
- http://www.securitytracker.com/id/1042119
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8584
- https://www.exploit-db.com/exploits/46104/
- http://www.securityfocus.com/bid/105808
- http://www.securitytracker.com/id/1042119
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8584
- https://www.exploit-db.com/exploits/46104/