PoC for EoP in VSStandardCollectorService150 service
The service is configured to run on demand which usually means that some form of IPC will be implemented to serve as a trigger to start service.
When looking for file operation vulnerabilities in any software, it is good practice to start by simply using the software for intended purpose and analyse the behaviour of any privileged services
Exploit
کد:
https://www.mdsec.co.uk/2024/01/cve-2024-20656-local-privilege-escalation-in-vsstandardcollectorservice150-service/
When looking for file operation vulnerabilities in any software, it is good practice to start by simply using the software for intended purpose and analyse the behaviour of any privileged services
Exploit
کد:
https://github.com/Wh04m1001/CVE-2024-20656/tree/main/Expl