#windows

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.

Use after free in Windows Shell allows an authorized attacker to elevate privileges locally.

Improper access control in Windows Camera Frame Server Monitor allows an authorized attacker to disclose information locally.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**According to the CVSS metric, privileges required is high (PR:H). What privileges are required to exploit this vulnerability?** To successfully exploit the vulnerability, an attacker must be part of a specific user group.

Integer overflow or wraparound in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.