From CVE to PoC: A Collection Maps Windows Privilege Escalation Landscape
Security researcher Michael Zhmaylo has assembled a comprehensive collection of publicly disclosed exploits for Local Privilege Escalation (LPE) vulnerabilities affecting Microsoft Windows operating systems. This repository, hosted on Github, serves as a valuable resource for security researchers, penetration testers, and system administrators interested in understanding and mitigating privilege escalation attacks.
Zhmaylo’s collection focuses on LPE vulnerabilities disclosed in 2023 and 2024, featuring proof-of-concept exploit code developed and shared by various researchers. While not exhaustive, the collection offers a significant overview of the privilege escalation landscape in recent Windows versions.
The repository is organized by CVE identifier, providing a structured approach to navigating the exploits. Some notable CVEs included in the collection are:
2023:
- CVE-2023-21674, CVE-2023-21746, CVE-2023-21752, CVE-2023-21768, CVE-2023-21817
- CVE-2023-23388, CVE-2023-24871, CVE-2023-28218, CVE-2023-28229, CVE-2023-28252
- CVE-2023-29336, CVE-2023-29360, CVE-2023-36003, CVE-2023-36424, CVE-2023-36723
- CVE-2023-36802, CVE-2023-36874
2024:
- CVE-2024-20656, CVE-2024-21338, CVE-2024-21345, CVE-2024-21447, CVE-2024-26218
- CVE-2024-26229, CVE-2024-30051, CVE-2024-30088, CVE-2024-30090, CVE-2024-35250
- CVE-2024-38054, CVE-2024-38080, CVE-2024-38100, CVE-2024-6768
Each CVE folder likely contains detailed information about the vulnerability, including exploit code, technical analysis, and potential mitigation strategies.
LPE vulnerabilities are a significant security concern as they allow attackers to gain elevated privileges on a compromised system. This can lead to complete system takeover, data breaches, and the installation of malware. By studying these exploits, security professionals can better understand attack techniques and develop effective defenses.
Zhmaylo’s collection serves as a valuable resource for:
- Vulnerability research: Analyzing exploit code to understand the underlying weaknesses in Windows systems.
- Penetration testing: Simulating real-world attacks to identify vulnerabilities in organizations’ security posture.
- Security awareness training: Educating IT staff and users about the risks of privilege escalation and the importance of security best practices.
By providing a centralized repository of LPE exploits, Zhmaylo contributes to the cybersecurity community’s collective efforts to improve Windows security and defend against evolving threats.
The complete collection of Windows LPE exploits is available on Github at Exploit-Street.
