module

Service Tracing Privilege Elevation Vulnerability

Disclosed	Created
Feb 11, 2020	May 7, 2020

Disclosed

Feb 11, 2020

Created

May 7, 2020

Description

This module leverages a trusted file overwrite with a DLL hijacking
vulnerability to gain SYSTEM-level access on vulnerable Windows 10 x64
targets.

Authors

itm4n
bwatters-r7

Platform

Windows

Architectures

x64

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


    msf > use exploit/windows/local/cve_2020_0668_service_tracing
    msf exploit(cve_2020_0668_service_tracing) > show targets
        ...targets...
    msf exploit(cve_2020_0668_service_tracing) > set TARGET < target-id >
    msf exploit(cve_2020_0668_service_tracing) > show options
        ...show and set options...
    msf exploit(cve_2020_0668_service_tracing) > exploit

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report