Stiv Kupchik

Researcher fromAkamai
#8138of 53,632
33.8Total CVSS
Vulnerabilities · 4
Medium
1
High
3
PT-2024-7395
9.0
2024-02-01
Microsoft · Windows Remote Registry Client · CVE-2024-43532
Name of the Vulnerable Software and Affected Versions: Windows Remote Registry client (affected versions not specified) Description: The issue is related to the Windows Remote Registry client, where an elevation of privilege vulnerability exists due to the use of outdated transport protocols, allowing an attacker to relay NTLM authentication and potentially gain control over a Windows domain. This vulnerability can be exploited by an attacker to intercept and relay NTLM authentication, affecting the system. The estimated number of potentially affected devices worldwide is not specified. There have been reports of real-world incidents where this issue was exploited. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2023-1028
9.0
2023-01-10
Microsoft · Windows Smb Witness Service · CVE-2023-21549
**Name of the Vulnerable Software and Affected Versions** Windows SMB Witness Service (affected versions not specified) **Description** The issue is related to insufficient access restrictions in the Windows SMB Witness Service, which can be exploited by a remote attacker to elevate their privileges. This can affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-5870
6.8
2022-12-13
Microsoft · Windows Kernel · CVE-2022-44707
**Name of the Vulnerable Software and Affected Versions** Windows Kernel (affected versions not specified) **Description** The issue is related to insufficient input validation in the Windows Kernel, which can be exploited by a remote attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-5401
9.0
2022-10-11
Microsoft · Windows Workstation Service · CVE-2022-38034
**Name of the Vulnerable Software and Affected Versions** Windows Workstation Service (affected versions not specified) **Description** The issue is related to insufficient access restrictions in the Windows Workstation Service, allowing a remote attacker to elevate their privileges. This can affect the system, potentially leading to unauthorized access or control. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.