module
Microsoft Windows DrawIconEx OOB Write Local Privilege Elevation
| Disclosed |
|---|
| Feb 20, 2020 |
Disclosed
Feb 20, 2020
Description
This module exploits CVE-2020-1054, an out of bounds write reachable from DrawIconEx
within win32k. The out of bounds write can be used to overwrite the pvbits of a
SURFOBJ. By utilizing this vulnerability to execute controlled writes to kernel
memory, an attacker can gain arbitrary code execution as the SYSTEM user.
This module has been tested against a fully updated Windows 7 x64 SP1. Offsets
within the exploit code may need to be adjusted to work with other versions of
Windows.
within win32k. The out of bounds write can be used to overwrite the pvbits of a
SURFOBJ. By utilizing this vulnerability to execute controlled writes to kernel
memory, an attacker can gain arbitrary code execution as the SYSTEM user.
This module has been tested against a fully updated Windows 7 x64 SP1. Offsets
within the exploit code may need to be adjusted to work with other versions of
Windows.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.