CVE-2023-36802 PoC — Microsoft Streaming Service 安全漏洞

Source

https://github.com/x0rb3l/CVE-2023-36802-MSKSSRV-LPE

Associated Vulnerability

Title:Microsoft Streaming Service 安全漏洞 (CVE-2023-36802)
Description:Microsoft Streaming Service是美国微软（Microsoft）公司的一个视频平台。 Microsoft Streaming Service存在安全漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响：Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Win

Description

PoC for CVE-2023-36802 Microsoft Kernel Streaming Service Proxy

Readme

# CVE-2023-36802 MSKSSRV.sys Local Privilege Escalation
PoC for CVE-2023-36802 Microsoft Kernel Streaming Service Proxy which suffers from a type confusion vulnerability. 

This proof-of-concept is modeled after the write-up done by Benoît Sevens (@benoitsevens). The article can be found here: https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-36802.html

Original exploit and writeup done by Valentina Palmiotti (@chompie1337)
https://securityintelligence.com/x-force/critically-close-to-zero-day-exploiting-microsoft-kernel-streaming-service/

NOTE: This was only tested on Windows 11 22H2 22621.1848. PreviousMode attacks may be mitigated in insider builds.

![image](https://github.com/x0rb3l/CVE-2023-36802-MSKSSRV-LPE/assets/29740744/35b7a53e-f3f6-4f3f-bd9e-27e7d9f9be71)

File Snapshot


 [4.0K]  /data/pocs/76ff88162b9dcd494058e41522635924cbf41573
├── [ 810]  README.md
├── [ 17K]  Source.c
└── [3.7K]  Types.h

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!