PROBABLYPWNED
Home/Tag/Privilege Escalation

Privilege Escalation

38 articles tagged with "Privilege Escalation"

RoguePlanet Zero-Day Bypasses Fully-Patched Windows Defender
Vulnerabilities3 min read

RoguePlanet Zero-Day Bypasses Fully-Patched Windows Defender

Security researcher Nightmare Eclipse releases fourth Microsoft Defender zero-day in months, granting SYSTEM privileges on patched Windows 10 and 11 systems. Here's what defenders need to know.

Vulnerability DeskJun 11, 2026
CIFSwitch: 19-Year Linux Kernel Flaw Grants Root Access
Vulnerabilities3 min read

CIFSwitch: 19-Year Linux Kernel Flaw Grants Root Access

A SpaceX security engineer discovered a privilege escalation bug hidden in the Linux kernel since 2007. Proof-of-concept exploit published—major distributions now patching.

Vulnerability DeskJun 2, 2026
cPanel Ships Second Emergency Patch in 10 Days: Three New CVEs
Vulnerabilities3 min read

cPanel Ships Second Emergency Patch in 10 Days: Three New CVEs

cPanel releases emergency fixes for CVE-2026-29201, 29202, and 29203—including file read, code execution, and privilege escalation flaws. Comes days after 44,000 servers were hit by ransomware.

Vulnerability DeskMay 10, 2026
PhantomRPC: Unpatched Windows Flaw Enables SYSTEM Escalation
Vulnerabilities5 min read

PhantomRPC: Unpatched Windows Flaw Enables SYSTEM Escalation

Kaspersky discloses PhantomRPC, an architectural Windows RPC vulnerability enabling SYSTEM-level privilege escalation across all Windows versions. Microsoft declined to patch despite five exploitation paths.

Vulnerability DeskApr 27, 2026
Defender Zero-Days Hit Live Attacks - Two Still Unpatched
Vulnerabilities4 min read

Defender Zero-Days Hit Live Attacks - Two Still Unpatched

Huntress confirms hands-on-keyboard exploitation of all three Windows Defender zero-days. Microsoft patched BlueHammer, but RedSun and UnDefend remain unpatched as attackers chain them for SYSTEM access.

Vulnerability DeskApr 23, 2026
RedSun: Second Windows Defender Zero-Day Drops in Two Weeks
Vulnerabilities4 min read

RedSun: Second Windows Defender Zero-Day Drops in Two Weeks

Frustrated researcher 'Chaotic Eclipse' releases RedSun, another Windows Defender privilege escalation exploit granting SYSTEM access. Microsoft has not yet patched this second zero-day.

Vulnerability DeskApr 17, 2026
GPUBreach Exploits GDDR6 Rowhammer for Full System Takeover
Vulnerabilities3 min read

GPUBreach Exploits GDDR6 Rowhammer for Full System Takeover

University of Toronto researchers demonstrate GPUBreach, a GPU rowhammer attack that bypasses IOMMU protections to achieve root access on systems with NVIDIA GPUs. Consumer GPUs remain unmitigated.

Vulnerability DeskApr 7, 2026
Azure Kubernetes CVE-2026-33105 Hits CVSS 10.0
Vulnerabilities4 min read

Azure Kubernetes CVE-2026-33105 Hits CVSS 10.0

Microsoft Azure Kubernetes Service has a critical auth bypass (CVE-2026-33105) with a perfect CVSS 10.0 score. Unauthenticated attackers can escalate to cluster admin—patch now.

Vulnerability DeskApr 3, 2026
Ubuntu Desktop Flaw Lets Local Users Escalate to Root
Vulnerabilities3 min read

Ubuntu Desktop Flaw Lets Local Users Escalate to Root

CVE-2026-3888 exploits timing race between snap-confine and systemd-tmpfiles to grant root access on Ubuntu Desktop 24.04+. Qualys researchers demonstrate full privilege escalation.

Vulnerability DeskMar 23, 2026
Caddy Server Flaw Lets Users Impersonate Admins
Vulnerabilities4 min read

Caddy Server Flaw Lets Users Impersonate Admins

CVE-2026-30851 in Caddy's forward_auth module enables identity injection and privilege escalation. Any valid user can impersonate administrators. Update to 2.11.2.

Vulnerability DeskMar 8, 2026