Autor: Peter Leibling

Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.

Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally.

Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.

External initialization of trusted variables or data stores in Azure Entra ID allows an unauthorized attacker to elevate privileges locally.

Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.

Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally.