VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.
An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how the Windows Audio Service handles processes these requests.
Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable escalation of privilege via local access.
Windows GDI Elevation of Privilege Vulnerability
Microsoft Windows Defender Elevation of Privilege Vulnerability
A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system.
IBM Db2 on Windows 10.5, 11.1, and 11.5 may be vulnerable to a privilege escalation caused by at least one installed service using an unquoted service path. A local attacker could exploit this vulnerability to gain elevated privileges by inserting an executable file in the path of the affected service. IBM X-Force ID: 249194.
The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018.
Windows Accounts Picture Elevation of Privilege Vulnerability
An improper access control vulnerability in the Trend Micro Apex One agent could allow a local attacker to gain elevated privileges and create arbitrary directories with arbitrary ownership.
A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.
A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT AUTHORITY\SYSTEM.
Pritunl Client through 1.2.3019.52 on Windows allows local privilege escalation, related to an ACL entry for CREATOR OWNER in platform_windows.go.
Windows Installer Elevation of Privilege Vulnerability
Windows DWM Core Library Elevation of Privilege Vulnerability
Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows
A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versions only) could allow a local attacker to abuse an impersonation privilege and elevate to a higher level of privileges. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42107.
Zoho Remote Access Plus Server Windows Desktop Binary fixed in 10.1.2132.6 is affected by a sensitive information disclosure vulnerability. Due to improper privilege management, the process launches as the logged in user, so memory dump can be done by non-admin also. Remotely, an attacker can dump all sensitive information including DB Connection string, entire IT infrastructure details, commands executed by IT admin including credentials, secrets, private keys and more.
Windows Kernel Elevation of Privilege Vulnerability
Windows Core Shell SI Host Extension Framework for Composable Shell Elevation of Privilege Vulnerability
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42106 and 42107.
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42105, 42106 and 42107.
Visual Studio Code Elevation of Privilege Vulnerability
Windows Feedback Hub Elevation of Privilege Vulnerability
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42106.
NTFS Elevation of Privilege Vulnerability
Microsoft DWM Core Library Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
A improper privilege management in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows attacker to execute privileged code or commands via powershell scripts
Storage Spaces Controller Elevation of Privilege Vulnerability
Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
Windows AppX Deployment Service Elevation of Privilege Vulnerability
NTFS Elevation of Privilege Vulnerability
Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability
Windows Desktop Bridge Elevation of Privilege Vulnerability
NTFS Elevation of Privilege Vulnerability
Windows Event Tracing Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Storage Spaces Controller Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
DirectX Graphics Kernel Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Storage Spaces Controller Elevation of Privilege Vulnerability
Storage Spaces Controller Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability