Latest News

Out-of-bounds read in Windows Projected File System allows an authorized attacker to elevate privileges locally.

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to cause denial of service on the Hyper-V host environment.

Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.

Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally.

Improper access control in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Improper access control in Storvsp.sys Driver allows an authorized attacker to elevate privileges locally.