Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-0078

CWE-2645 documents5 sources
Severity
7.2HIGH
EPSS
4.9%
top 10.40%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Windows Vista
Timeline
PublishedApr 15
Latest updateMay 2

Description

The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows WMI Service Isolation Vulnerability."

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

šŸ”“Vulnerability Details

3
GHSA
GHSA-66w8-976g-q7m9: The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 200ā†—2022-05-02
ā–¶
CVEList
CVE-2009-0078: The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 200ā†—2009-04-15
ā–¶
VulnCheck
Windows WMI Service Isolation Vulnerabilityā†—2009
ā–¶

šŸ’„Exploits & PoCs

1
Exploit-DB
Microsoft Windows XP/Vista/2003/2008 - WMI Service Isolation Privilege Escalationā†—2009-04-14
ā–¶
CVE-2009-0078 (HIGH CVSS 7.2) | The Windows Management Instrumentat | cvebase.io