CVE-2024-55511 PoC — Macrium Reflect 安全漏洞

Source

https://github.com/sleepingniko/CVE-2024-55511

Associated Vulnerability

Title:Macrium Reflect 安全漏洞 (CVE-2024-55511)
Description:Macrium Reflect是Macrium公司的一款用于 Microsoft Windows 的备份实用程序。 Macrium Reflect 8.1.8017之前版本存在安全漏洞，该漏洞源于存在空指针取消引用，攻击者可以通过执行特制的可执行文件来提升其权限。

Description

A null pointer dereference vulnerability in Macrium Reflect prior to 8.1.8017 allows an attacker to elevate their privileges via executing a specially crafted executable.

Readme

# CVE-2024-55511
 A null pointer dereference vulnerability in Macrium Reflect prior to 8.1.8017 allows an attacker to elevate their privileges via executing a specially crafted executable.

I will write more information about the bug such as my proposed CVSS scores and whatnot later (today or tomorrow).
For now, let's wait for NVD (and others) to add my exploit to the list of references for my CVE.

File Snapshot


 [4.0K]  /data/pocs/ed55e4aa7b7b6eaf25ed3ce382a9cd3094a5d91c
├── [4.0K]  Binaries
│   └── [116K]  mrcbt_UNPATCHED.sys
├── [ 402]  README.md
└── [4.0K]  Solution
    └── [4.0K]  CVE-2024-55511
        ├── [2.4K]  CVE-2024-55511.c
        ├── [ 208]  CVE-2024-55511.h
        ├── [1.3K]  CVE-2024-55511.sln
        ├── [6.5K]  CVE-2024-55511.vcxproj
        └── [2.1K]  Shellcode.asm

3 directories, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!