Junoh Lee

**Name of the Vulnerable Software and Affected Versions** Windows Cloud Files Mini Filter Driver (affected versions not specified) **Description** A heap-based buffer overflow exists in the Windows Cloud Files Mini Filter Driver `cldflt.sys`. This issue allows a local attacker to escalate privileges from a regular user to SYSTEM. The flaw can be triggered by crafting a custom reparse point to corrupt an adjacent ` WNF STATE DATA` object. This corruption can be leveraged to leak kernel pointers from an ALPC handle table object. Further exploitation involves corrupting a `PipeAttribute` object to leak token addresses and override privileges. Technical exploitation methods include using WNF Out-of-Bounds (OOB), Pipe Attributes, ALPC, and I/O Ring mechanisms to achieve arbitrary kernel read/write primitives or flip the ` KTHREAD.PreviousMode` and strip ` EPROCESS.Protection`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** VMware Workstation and Fusion (affected versions not specified) **Description** The issue is related to an information disclosure vulnerability in the Host Guest File Sharing (HGFS) functionality. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. This is due to insufficient access control in the HGFS functionality. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Ancillary Function Driver for WinSock (affected versions not specified) **Description** The issue is related to synchronization errors when using a shared resource, specifically a "race condition" situation. This can allow an attacker to elevate their privileges. There is an estimated elevation-of-privilege vulnerability that affects the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.3 **Description** A logic issue was addressed with improved checks, which may have allowed an app to gain root privileges. **Recommendations** For versions prior to 13.3, update to macOS Ventura 13.3 to resolve the issue.