Privilege Escalation

All articles tagged with #privilege escalation

Microsoft Fixes Privilege Escalation Flaw in Windows Admin Center (CVE-2026-26119)
security · 5 days ago

Microsoft patched CVE-2026-26119, a high-severity improper authentication flaw in Windows Admin Center that could allow an authenticated attacker to elevate privileges to the user running the affected app; the fix arrived with Windows Admin Center v2511 (Dec 2025). While there are no confirmed exploits in the wild, Microsoft flags exploitation as more likely and researchers warn it could enable domain compromise under certain conditions.

CISA Warns of Active Exploitation of Critical Windows SMB and RAS Flaws
technology · 4 months ago

CISA warns that a high-severity Windows SMB vulnerability (CVE-2025-33073), which allows privilege escalation and is actively exploited, affects all recent Windows versions. Microsoft patched it in June 2025, but threat actors are now exploiting it, prompting federal agencies and organizations to urgently apply updates to prevent system compromise.

Microsoft Patches Critical Entra ID Flaw Enabling Tenant Impersonation
technology · 5 months ago

Microsoft patched a critical security flaw in Entra ID (formerly Azure AD) that could have allowed attackers to impersonate any user, including Global Admins, across tenants by exploiting a token validation failure. The vulnerability, which was addressed in July 2025, involved legacy API issues and could bypass MFA and logging, posing a significant threat to tenant security. No evidence of exploitation has been reported, but the flaw highlights risks associated with legacy API dependencies and cloud misconfigurations.

Critical Microsoft Entra ID Flaw Poses Global Security Risk
technology · 5 months ago

A critical security flaw in Microsoft Entra ID, involving undocumented 'actor tokens' and a vulnerability in the Azure AD Graph API, could have allowed attackers to hijack any company's tenant and gain full administrative access without detection. The issue was discovered by security researcher Dirk-jan Mollema and has since been patched by Microsoft.

Microsoft Discloses Critical Exchange Server Vulnerability in Hybrid Setups
security · 6 months ago

Microsoft disclosed a high-severity vulnerability in on-premises Exchange Server (CVE-2025-53786) that could allow attackers with admin access to escalate privileges in connected cloud environments, especially in hybrid setups. Because Exchange Server shares a service principal with Exchange Online in these setups, the flaw poses risks of undetectable privilege escalation and identity compromise if unpatched. Microsoft recommends applying the latest hotfix, reviewing security configurations, and resetting service principal keys if no longer used. CISA also warns about related malware exploiting recent SharePoint flaws and advises disconnecting outdated or end-of-life Exchange and SharePoint servers from the internet.

CISA Alerts to Active Exploitation of Critical Linux Kernel Privilege Flaws
technology · 8 months ago

Two critical local privilege escalation vulnerabilities in Linux's udisks and PAM framework can allow attackers to gain root access on major Linux distributions. The flaws, CVE-2025-6018 and CVE-2025-6019, are especially dangerous because udisks is widely used by default, and exploits have been demonstrated on popular distros like Ubuntu, Debian, Fedora, and openSUSE. Immediate patching is strongly recommended to prevent potential system compromises.

CISA Alerts to Widespread Linux Kernel Privilege Escalation Vulnerabilities
security · 8 months ago

The U.S. CISA has issued a warning about an actively exploited privilege escalation vulnerability in the Linux kernel (CVE-2023-0386), which allows local users to gain root access by exploiting an improper ownership management bug in OverlayFS. Although patched earlier in 2023, the flaw is being exploited in the wild, and federal agencies are required to apply patches by July 8, 2025.

Ivanti Releases Urgent Patches for Severe CSA Security Flaws
vulnerability-network-security · 1 year ago

Ivanti has released critical security updates for its Cloud Services Application (CSA) and Connect Secure products to address multiple vulnerabilities, including an authentication bypass (CVE-2024-11639) with a CVSS score of 10.0, and several command and SQL injection flaws. These vulnerabilities could allow remote attackers to gain administrative access and execute arbitrary code. Users are urged to update to the latest versions to mitigate potential risks, although no active exploitation has been reported yet.

CISA Urges Immediate Patching of Critical Linux Kernel Vulnerability
cybersecurity · 1 year ago

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added a high-severity Linux kernel privilege elevation flaw (CVE-2024-1086) to its Known Exploited Vulnerabilities catalog. This flaw, which allows local attackers to gain root-level access, was introduced in 2014 and fixed in January 2024. Despite most Linux distributions quickly pushing out fixes, Red Hat delayed until March, potentially exposing systems to public exploits. Federal agencies have until June 20, 2024, to apply patches or implement mitigations. CISA also added CVE-2024-24919, an information disclosure vulnerability in Check Point VPN devices, to the catalog.

Cisco Exposes Public Exploit Code for Root Escalation Flaw
cybersecurity · 1 year ago

Cisco has disclosed a high-severity vulnerability in its Integrated Management Controller (IMC) that allows local attackers to escalate privileges to root using public exploit code. The vulnerability, tracked as CVE-2024-20295, is caused by insufficient validation of user-supplied input and affects various Cisco devices running vulnerable IMC versions in default configurations. Cisco has released patches to address the issue and warned of the availability of proof-of-concept exploit code, although there have been no reported attacks exploiting the vulnerability yet. This disclosure follows previous security patches for zero-day vulnerabilities and a warning about a large-scale credential brute-forcing campaign targeting VPN and SSH services on various devices.

Zoom Fixes Critical Windows App Privilege Elevation Flaw
technology · 2 years ago

Zoom has patched a critical privilege escalation flaw in its Windows apps that could allow unauthenticated attackers to elevate their privileges on the target system over the network. The vulnerability, tracked as CVE-2024-24691, was discovered by Zoom's offensive security team and has a "critical" rating. In addition to this flaw, the latest Zoom release addresses six other vulnerabilities, including issues related to privilege escalation, information disclosure, and denial of service. Users are advised to update their Zoom clients to the latest version to mitigate the risk of external actors exploiting these vulnerabilities to steal data, disrupt meetings, or install backdoors.

Critical Linux glibc Flaw Grants Attackers Root Access on Major Distributions
technology · 2 years ago

A newly disclosed local privilege escalation (LPE) vulnerability in the GNU C Library (glibc) allows unprivileged attackers to gain root access on major Linux distributions, impacting Debian, Ubuntu, and Fedora systems. Tracked as CVE-2023-6246, the flaw was accidentally introduced in glibc 2.37 and later backported to glibc 2.36, posing a significant threat due to the widespread use of the affected library. Qualys researchers also found three other vulnerabilities in glibc, emphasizing the critical need for strict security measures in software development. This is not the first time Qualys has found Linux root escalation flaws: they previously discovered vulnerabilities in glibc's ld.so dynamic loader, Polkit's pkexec component, the kernel's filesystem layer, and the Sudo Unix program.