- Feb 4, 2016
- 2,520
Project Zero, Google's 0day bug-hunting team, today disclosed a zero-day elevation of privileges (EoP) vulnerability found in the Windows kernel and actively exploited in targeted attacks.
The flaw is a pool-based buffer overflow that exists in the Windows Kernel Cryptography Driver (cng.sys) and it is currently tracked as CVE-2020-17087.
Proof of concept exploit available
The Windows kernel bug zero-day can be exploited by local attackers for privilege escalation (including sandbox escape) according to Project Zero security researchers Mateusz Jurczyk and Sergei Glazunov.
"The bug resides in the cng!CfgAdtpFormatPropertyBlock function and is caused by a 16-bit integer truncation issue," the researchers explain.
Last edited by a moderator: