Skip to content
/ CVE-2023-36003-POC Public

Privilege escalation using the XAML diagnostics API (CVE-2023-36003)

90 stars 19 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

m417z/CVE-2023-36003-POC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
pe-poc-dll
pe-poc-dll
 
 
pe-poc
pe-poc
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
pe-poc.sln
pe-poc.sln
 
 

Repository files navigation

Privilege escalation using the XAML diagnostics API (CVE-2023-36003)

This is a POC (Proof of Concept) of a privilege escalation vulnerability using the XAML diagnostics API. The vulnerability was patched in December's Patch Tuesday, and the CVE assigned to it is CVE-2023-36003.

Usage

The POC is a C++ project that can be compiled using Visual Studio. After compiling, the POC can be run without arguments to look for an inaccessible process and then run the exploit against it. Alternatively, a process id can be passed as an argument, and the exploit will be run against that process.

Vulnerability details

More details about the vulnerability can be found in the following blog post:

Privilege escalation using the XAML diagnostics API (CVE-2023-36003)

About

Privilege escalation using the XAML diagnostics API (CVE-2023-36003)

Resources

Readme
Activity

Stars

90 stars

Watchers

2 watching

Forks

19 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages