Posted on : by : Lion

There is a privilege escalation vulnerability in the Windows Certificate Dialog allowing an attacker to easily elevate privileges to NT AUTHORITY\SYSTEM, it is documented as CVE-2019-1388.

This is a good video demonstrating the issue: in this case they use the hhupd.exe to perform the attack.

Also check out this link from @gentilkiwi about affected versions:

Of course you do not need hhupd to exploit that specific vulnerability in youre next red team engagement, its just easier.

Thanks to Eduardo Braun Prado (ZDI) for finding CVE-2019-1388!

Have fun and patch your systems.

Company Reviews

Leave a Reply

Your email address will not be published. Required fields are marked *