公开的隐秘:CVE-2024-30051在野提权漏洞研究
Tags
attack-pattern: Direct
Show in Graph
Common Information
Type Value
UUID 35d7a163-9ee8-4257-9344-ed413422bc3c
Fingerprint 206d73f8bce21b81
Analysis status DONE
Considered CTI value 0
Text language
Published April 18, 2024, midnight
Added to db Sept. 5, 2024, 2:55 p.m.
Last updated Nov. 17, 2024, 7:44 p.m.
Headline 公开的隐秘:CVE-2024-30051在野提权漏洞研究
Title 公开的隐秘:CVE-2024-30051在野提权漏洞研究
Detected Hints/Tags/Attributes 15/1/19
Source URLs
Redirection Url
Details Source https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247512365&idx=1&sn=710b2599bd33984303fdd16660edd361&chksm=ea66465add11cf4cdd356438020e41b92263c87bc7219fc04f3e4837e4527555fd80cbd8c12d&scene=58&subscene=0#rd
URL Provider
Details Provider Source level domain
Details qq.com mp.weixin.qq.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 267 奇安信威胁情报中心 https://wechat2rss.xlab.app/feed/b93962f981247c0091dad08df5b7a6864ab888e9.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 17 
cve-2024-30051
Details CVE 3 
cve-2021-26900
Details Domain 4127 
github.com
Details Domain 261 
blog.talosintelligence.com
Details Domain 403 
securelist.com
Details Domain 452 
msrc.microsoft.com
Details File 14 
dwmcore.dll
Details File 3 
s1.dll
Details File 12 
win32kbase.sys
Details File 7 
s2.exe
Details File 3 
s3.dll
Details File 14 
consent.exe
Details File 48 
c:\\windows\\system32\\cmd.exe
Details Github username 3 
progmboy
Details Url 3 
https://www.zerodayinitiative.com/blog/2021/5/3/cve-2021-26900-privilege-escalation-via-a-use-after-free-vulnerability-in-win32k
Details Url 3 
https://github.com/progmboy/cansecwest2017
Details Url 3 
https://blog.talosintelligence.com/snapshot-fuzzing-direct-composition-with-wtf
Details Url 3 
https://securelist.com/cve-2024-30051/112618
Details Url 3 
https://msrc.microsoft.com/update-guide/vulnerability/cve-2024-30051