Zero-day vulnerability in Windows

Improper input validation

According to Trustwave, this is a zero-day.
A private exploit was developed by Cr4sh and published 2 weeks after the advisory.

CVE-2012-0181 addresses an issue alluded to on the exploitdb site on Nov. 21, 2011, and fixed July 10, 2012.

Vulnerability details

Advisory: SB2012050801 - Multiple vulnerabilities in Microsoft Windows

Vulnerable component: Windows

CVE-ID: CVE-2012-0181

CVSSv3 score: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

CWE-ID: CWE-20 - Improper input validation


The vulnerability allows a local user to obtain elevated privileges on the target system.

The vulnerability exists due to improper handling of keyboard layout files by the kernel-mode driver (win32k.sys). A local attacker can execute arbitrary code on the vulnerable system with SYSTEM privileges.

Successful exploitation of this vulnerability will allow the local attacker to obtain elevated privileges on the vulnerable system.

Note: the vulnerability was being actively exploited.
