ZDI-23-1555: Microsoft Windows DirectX GpuMmu Race Condition Local Privilege Escalation Vulnerability | allinfosecnews.com

Oct. 11, 2023, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-38159.

attacker attackers code cves cvss directx escalation exploit local local privilege escalation low microsoft microsoft windows order privilege privileged privilege escalation privileges race race condition rating system target vulnerability windows zdi

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-483: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 1 day, 22 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +20

ZDI-24-482: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 1 day, 22 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +18

ZDI-24-481: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 1 day, 22 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +18

ZDI-24-480: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 1 day, 22 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +18

ZDI-24-479: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 1 day, 22 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +18

ZDI-24-478: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 1 day, 22 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +18

ZDI-24-477: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 1 day, 22 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +20

ZDI-24-476: (Pwn2Own) QNAP TS-464 HLS_tmp Directory Traversal Arbitrary File Creation Vulnerability 1 day, 22 hours ago | www.zerodayinitiative.com

arbitrary code attackers authentication code +14

ZDI-24-475: (Pwn2Own) QNAP TS-464 File Upload Directory Traversal Arbitrary File Creation Vulnerability 1 day, 22 hours ago | www.zerodayinitiative.com

arbitrary files attackers authentication cve +16

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Test Systems Design & Cybersecurity Engineer

@ Boeing | USA - El Segundo, CA

View on infosec-jobs.com

Cybersecurity Support Engineer (FortiClient) - Malaysia

@ Fortinet | Wilayah Persekutuan Kuala Lumpur, Malaysia

View on infosec-jobs.com