CVE-2002-0367 - Microsoft Windows Privilege Escalation Vulnerability
Project:Microsoft
Product:Windows
Date Added:2022-03-03Due Date:2022-03-24
Vulnerability Name
Microsoft Windows Privilege Escalation Vulnerability
Description
smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2002-0367