CVE-2019-1388

Posted on : by : Lion

There is a privilege escalation vulnerability in the Windows Certificate Dialog allowing an attacker to easily elevate privileges to NT AUTHORITY\SYSTEM, it is documented as CVE-2019-1388.

This is a good video demonstrating the issue: https://www.youtube.com/watch?v=3BQKpPNlTSo in this case they use the hhupd.exe to perform the attack.

Also check out this link from @gentilkiwi about affected versions: https://gist.github.com/gentilkiwi/802c221c0731c06c22bb75650e884e5a

Of course you do not need hhupd to exploit that specific vulnerability in youre next red team engagement, its just easier.

Thanks to Eduardo Braun Prado (ZDI) for finding CVE-2019-1388!

Have fun and patch your systems.

Company Reviews

Leave a Reply

Your email address will not be published. Required fields are marked *