The vulnerability was used by Stuxnet.
W32.Stuxnet TDL-4 rootkit (TDSS) Trojan.Generic.KDV.128306
Vulnerable component: Windows
CVSSv3 score: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
The vulnerability allows a local user obtain elevated privileges on vulnerable system.
The vulnerability exists in Windows Task Scheduler when running scheduled tasks within the intended security context. A local user can create a specially crafted task and execute arbitrary code on vulnerable system with privileges of the local system account.
Successful exploitation of this vulnerability may allow a local user to obtain full access to vulnerable system.
Note: this vulnerability is being actively exploited.
- Microsoft Windows - Task Scheduler Privilege Escalation [Exploit-DB]