all InfoSec news
Technical Analysis of Windows CLFS Zero-Day Vulnerability CVE-2022-37969 – Part 2: Exploit Analysis
Security Boulevard securityboulevard.com
In Part 1 of this blog series, we analyzed the root cause for CVE-2022-37969. In this blog, we will present an in-the-wild exploit that was discovered by Zscaler ThreatLabz that successfully leveraged CVE-2022-37969 for privilege escalation on Windows 10 and Windows 11.
Debugging Environment
The analysis and debugging for the exploitation was conducted in the following environment.
Windows 11 21H2 version 22000.918
CLFS.sys 10.0.22000.918
Windows 10 21H2 version 19044.1949
CLFS.sys 10.0.19041.1865
Prerequisite
Before starting to analyze the exploitation of CVE-2022-37969, …
analysis clfs cve cve-2022-37969 exploit technical technical analysis vulnerability windows zero-day zero-day vulnerability