Endpoint Vulnerability

Windows SMB Elevation of Privilege Vulnerability

Description

An elevation of privilege vulnerability exists in the default Windows SMB Server configuration which allows anonymous users to remotely access certain named pipes that are also configured to allow anonymous access to users who are logged on locally. An unauthenticated attacker who successfully exploits this configuration error could remotely send specially crafted requests to certain services that accept requests via named pipes.

Affected Products

Windows 10,Windows Server 2016

References

CVE-2017-11782,