![]() To exploit it, attackers must manipulate a BLF file to elevate their privileges in the system and be able to continue their attack (so they need initial access with user privileges).Īs usual, our Securelist website has the technical info, plus indicators of compromise, but the details aren’t being disclosed just now since they could be used by other cybercriminals to carry out new attacks. What is the CVE-2023-28252 vulnerability?ĬVE-2023-28252 belongs to the class of privilege-elevation vulnerabilities. We advise installing the fresh patches as soon as possible, because the vulnerability isn’t just being exploited by attackers - it’s being used in ransomware attacks. The developers designated the vulnerability as CVE-2023-28252, and closed it on Apwith the April Patch Tuesday update. ![]() After thoroughly investigating the exploit, our Global Research & Analysis Team (GReAT) contacted Microsoft and provided all their findings. ![]() Thanks to their Behavioral Detection Engine and Exploit Prevention components, our solutions have detected attempts to exploit a previously unknown vulnerability in the Common Log File System (CLFS) - the logging subsystem of Windows operating systems.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |