Windows User Profile Service Elevation of Privilege Vulnerability
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2022-21919 | Microsoft Windows User Profile Service Privilege Escalation Vulnerability | primary_impact | T1068 | Exploitation for Privilege Escalation |
Comments
This vulnerability is exploited by an adversary who has already gained local access to the victim system. The adversary gains access to the vulnerability either by social engineering, a separate exploit, or malware. Exploiting this vulnerability grants the adversary elevated privileges on the victim system.
This vulnerability has been identified as being exploited in the wild; however, technical details of how the vulnerability has been leveraged by a hacker or APT have not been publicly released.
References
|
| CVE-2022-21919 | Microsoft Windows User Profile Service Privilege Escalation Vulnerability | exploitation_technique | T1078 | Valid Accounts |
Comments
This vulnerability is exploited by an adversary who has already gained local access to the victim system. The adversary gains access to the vulnerability either by social engineering, a separate exploit, or malware. Exploiting this vulnerability grants the adversary elevated privileges on the victim system.
This vulnerability has been identified as being exploited in the wild; however, technical details of how the vulnerability has been leveraged by a hacker or APT have not been publicly released.
References
|