| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2022-26904 | Microsoft Windows User Profile Service Privilege Escalation Vulnerability | primary_impact | T1068 | Exploitation for Privilege Escalation |
Comments
This vulnerability is exploited by an adversary who has already gained local access to the victim system. To exploit this vulnerability, the adversary needs to already have access to the system and must also "win a race condition". If successfully exploited, the adversary would gain elevated privileges on the victim system.
This vulnerability has been identified as exploited in the wild; however, technical exploitation details have not been publicly shared.
References
|
| CVE-2022-26904 | Microsoft Windows User Profile Service Privilege Escalation Vulnerability | exploitation_technique | T1078 | Valid Accounts |
Comments
This vulnerability is exploited by an adversary who has already gained local access to the victim system. To exploit this vulnerability, the adversary needs to already have access to the system and must also "win a race condition". If successfully exploited, the adversary would gain elevated privileges on the victim system.
This vulnerability has been identified as exploited in the wild; however, technical exploitation details have not been publicly shared.
References
|