⚠ Actively exploited

Added to CISA KEV on 2022-03-03. Federal agencies required to patch by 2022-03-24. Required action: Apply updates per vendor instructions..

CVE-2002-0367 — Improper Privilege Management in Microsoft Windows NT

CWE-269 — Improper Privilege Management6 documents6 sources

Severity

7.8HIGHNVD

EPSS

1.2%

top 20.83%

CISA KEV

KEV

Added 2022-03-03

Due 2022-03-24

Exploit

Exploited in wild

Active exploitation observed

Affected products

Microsoft Windows NT

Timeline

PublishedJun 25

KEV addedMar 3

KEV dueMar 24

Latest updateApr 30

CISA Required Action: Apply updates per vendor instructions.

Description

smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

▶NVDmicrosoft/windows_nt4.0

Patches

Patch: www.iss.net ↗Patch: www.securityfocus.com ↗Patch: docs.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-53gp-9cgv-fj68: smss↗2022-04-30

▶

CVEList

CVE-2002-0367: smss↗2003-04-02

▶

VulnCheck

Microsoft Windows Privilege Escalation Vulnerability↗2002

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows NT 4.0/2000 - Process Handle Local Privilege Escalation↗2002-03-13

▶

📋Vendor Advisories

CISA

Microsoft Windows Privilege Escalation Vulnerability↗2022-03-03

▶