A threat actor has allegedly surfaced with a lucrative offer: the sale of a Windows 1-day Local Privilege Escalation (LPE) exploit, identified as CVE-2024-26169. This vulnerability, categorized as a Windows Error Reporting Service Elevation of Privilege Vulnerability, presents a significant risk, as it allows attackers to gain SYSTEM privileges.
Notably, the exploit is compatible across a wide range of Windows operating systems, spanning from Windows 10 to Windows 11, including Windows Servers. While there’s no public Proof of Concept (PoC), the exploit’s presence on the Microsoft Security Response Center (MSRC) indicates its potential impact. The sale package includes the full-source code of the PoC, with an initial asking price of $10,000, although negotiation is possible.
Threat Actor Offers Windows 1-Day LPE (CVE-2024-26169) Exploit for Sale at $10,000
Related Posts
Popular Stories
-
Threat Actor Claims Sale of Dell Database Containing 49 Million Customer Records
-
Threat Actor Claims to Have Leaked Database Containing Personal Information of 5 Million Salvadoran Citizens
-
Deloitte Allegedly Suffers Major Data Breach – Source Code and GitHub Credentials Reportedly Leaked
-
Threat Actor Claims Sale of State Grid Corporation of China (SGCC) Data, World’s Largest Utility Company
-
New ATM Malware Threatens European Banking Security
