Home/Tag/Privilege Escalation

Privilege Escalation

30 articles tagged with "Privilege Escalation"

Vulnerabilities4 min read

LiteSpeed cPanel Flaw Grants Root Access—CISA Sets 3-Day Deadline

Critical CVE-2026-48172 in LiteSpeed cPanel plugin enables root privilege escalation. CVSS 10.0, actively exploited, CISA KEV deadline May 29. Patch immediately.

Marcus ChenMay 27, 2026

Vulnerabilities4 min read

MiniPlasma Zero-Day Grants SYSTEM on Patched Windows — PoC Released

Chaotic Eclipse drops working exploit for Windows Cloud Filter driver flaw allegedly patched in 2020. Race condition in cldflt.sys spawns SYSTEM shell on Windows 11.

Marcus ChenMay 18, 2026

Vulnerabilities3 min read

OpenClaw 'Claw Chain' Flaws Let Attackers Steal Data and Plant Backdoors

Cyera discloses four chainable OpenClaw vulnerabilities (CVE-2026-44112 through 44118) exposing 245,000 servers to credential theft, privilege escalation, and persistent access.

Marcus ChenMay 16, 2026

Vulnerabilities3 min read

Linux Fragnesia Flaw Gives Any Local User Root Access Without Racing

CVE-2026-46300 exploits a logic bug in the XFRM ESP-in-TCP subsystem to corrupt page cache and gain root. Kernel patches rolling out now—mitigation available.

Marcus ChenMay 15, 2026

Vulnerabilities4 min read

Researcher Drops YellowKey BitLocker Bypass, GreenPlasma SYSTEM Exploit

A disgruntled researcher released two unpatched Windows zero-days: YellowKey bypasses BitLocker encryption via USB, while GreenPlasma grants SYSTEM privileges. No patches available yet.

Marcus ChenMay 14, 2026

Vulnerabilities3 min read

cPanel Ships Second Emergency Patch in 10 Days: Three New CVEs

cPanel releases emergency fixes for CVE-2026-29201, 29202, and 29203—including file read, code execution, and privilege escalation flaws. Comes days after 44,000 servers were hit by ransomware.

Marcus ChenMay 10, 2026

Vulnerabilities5 min read

Dirty Frag: Zero-Day Linux Exploit Gives Root With No Patches

A new Linux kernel flaw dubbed Dirty Frag (CVE-2026-43284) enables instant root on all major distros. No patches exist after embargo collapsed.

Marcus ChenMay 8, 2026

Vulnerabilities5 min read

Linux Copy Fail Flaw Grants Root in Seconds — Patch Now

CVE-2026-31431 lets attackers gain root on every major Linux distro since 2017 with a 732-byte Python script. Here's how it works and what to do.

Marcus ChenApr 30, 2026

Vulnerabilities3 min read

OpenClaw Pairing Flaw Enables CVSS 9.1 Privilege Escalation

CVE-2026-41386 allows attackers to manipulate bootstrap setup codes during device pairing, bypassing role restrictions and gaining elevated privileges in OpenClaw.

Marcus ChenApr 29, 2026

Vulnerabilities4 min read

Microsoft Entra ID Flaw Let Attackers Hijack Any Service Principal

Silverfort researchers discover Microsoft's AI agent management role could be abused to take over arbitrary service principals in Entra ID tenants. Microsoft patched the privilege escalation flaw on April 9.

Marcus ChenApr 28, 2026

Vulnerabilities4 min read

ASP.NET Core Bug Lets Attackers Forge Auth Cookies for SYSTEM Access

Microsoft releases emergency patch for CVE-2026-40372 (CVSS 9.1), a critical ASP.NET Core flaw allowing attackers to forge authentication cookies and gain SYSTEM privileges on Linux and macOS servers.

Marcus ChenApr 28, 2026

Vulnerabilities5 min read

PhantomRPC: Unpatched Windows Flaw Enables SYSTEM Escalation

Kaspersky discloses PhantomRPC, an architectural Windows RPC vulnerability enabling SYSTEM-level privilege escalation across all Windows versions. Microsoft declined to patch despite five exploitation paths.

Marcus ChenApr 27, 2026

Vulnerabilities4 min read

Pack2TheRoot: 12-Year-Old PackageKit Bug Grants Root on Linux

CVE-2026-41651 lets any local user gain root privileges on Ubuntu, Debian, and Fedora via a TOCTOU race in PackageKit. Patch to version 1.3.5 immediately.

Marcus ChenApr 24, 2026

Vulnerabilities4 min read

Defender Zero-Days Hit Live Attacks - Two Still Unpatched

Huntress confirms hands-on-keyboard exploitation of all three Windows Defender zero-days. Microsoft patched BlueHammer, but RedSun and UnDefend remain unpatched as attackers chain them for SYSTEM access.

Marcus ChenApr 23, 2026

Vulnerabilities3 min read

OpenClaw Sandbox Escape Hits CVSS 9.9—Upgrade Before It's Exploited

CVE-2026-41329 lets attackers bypass OpenClaw's sandbox via heartbeat context manipulation, achieving privilege escalation. CVSS 9.9 demands immediate patching.

Marcus ChenApr 21, 2026

Vulnerabilities3 min read

Cisco Patches Four CVSS 9.9 Flaws in Identity Services Engine

Critical ISE vulnerabilities let authenticated users escalate to root. Read-only admin accounts can execute arbitrary commands on underlying OS.

Marcus ChenApr 20, 2026

Vulnerabilities4 min read

RedSun: Second Windows Defender Zero-Day Drops in Two Weeks

Frustrated researcher 'Chaotic Eclipse' releases RedSun, another Windows Defender privilege escalation exploit granting SYSTEM access. Microsoft has not yet patched this second zero-day.

Marcus ChenApr 17, 2026

Vulnerabilities4 min read

Docker Auth Bypass Gives Attackers Full Host Access

CVE-2026-34040 lets attackers bypass Docker authorization plugins with a single padded HTTP request. CVSS 8.8 flaw patched in Engine 29.3.1.

Marcus ChenApr 8, 2026

Vulnerabilities3 min read

BlueHammer: Researcher Leaks Unpatched Windows Zero-Day Exploit

Security researcher releases working proof-of-concept for BlueHammer, an unpatched Windows Defender privilege escalation flaw enabling SYSTEM access via TOCTOU and path confusion vulnerabilities.

Marcus ChenApr 7, 2026

Vulnerabilities3 min read

GPUBreach Exploits GDDR6 Rowhammer for Full System Takeover

University of Toronto researchers demonstrate GPUBreach, a GPU rowhammer attack that bypasses IOMMU protections to achieve root access on systems with NVIDIA GPUs. Consumer GPUs remain unmitigated.

Marcus ChenApr 7, 2026

Vulnerabilities4 min read

Azure Kubernetes CVE-2026-33105 Hits CVSS 10.0

Microsoft Azure Kubernetes Service has a critical auth bypass (CVE-2026-33105) with a perfect CVSS 10.0 score. Unauthenticated attackers can escalate to cluster admin—patch now.

Marcus ChenApr 3, 2026

Vulnerabilities3 min read

OpenClaw Bootstrap Replay Bug Enables Admin Takeover (CVE-2026-32987)

Critical CVSS 9.8 flaw in OpenClaw AI agent platform lets attackers replay setup codes for privilege escalation. Patch to version 2026.3.13 immediately.

Marcus ChenMar 30, 2026

Vulnerabilities3 min read

Ubuntu Desktop Flaw Lets Local Users Escalate to Root

CVE-2026-3888 exploits timing race between snap-confine and systemd-tmpfiles to grant root access on Ubuntu Desktop 24.04+. Qualys researchers demonstrate full privilege escalation.

Marcus ChenMar 23, 2026

Vulnerabilities3 min read

CrackArmor: 9 AppArmor Flaws Expose 12.6M Linux Servers to Root

Qualys discloses nine confused deputy vulnerabilities in Linux AppArmor that enable local privilege escalation to root. Ubuntu, Debian, and SUSE affected since 2017.

Marcus ChenMar 14, 2026

Vulnerabilities4 min read

WordPress Membership Plugin Flaw Lets Anyone Become Admin

CVE-2026-1492 in User Registration & Membership plugin enables unauthenticated admin account creation. CVSS 9.8—over 100,000 sites at risk.

Marcus ChenMar 13, 2026

Vulnerabilities4 min read

Caddy Server Flaw Lets Users Impersonate Admins

CVE-2026-30851 in Caddy's forward_auth module enables identity injection and privilege escalation. Any valid user can impersonate administrators. Update to 2.11.2.

Marcus ChenMar 8, 2026

Vulnerabilities4 min read

Windows Admin Center Flaw Enables Full Domain Takeover

CVE-2026-26119 lets attackers escalate from standard user to domain admin via improper authentication. Microsoft rates exploitation 'more likely.'

Marcus ChenFeb 20, 2026

Vulnerabilities4 min read

WordPress Plugin Flaw Gives Attackers Admin Access Without Login

CVE-2026-23550 in Modular DS plugin scores CVSS 10.0. Active exploitation began January 13, with 40,000+ sites at risk.

Marcus ChenJan 28, 2026

Vulnerabilities4 min read

WordPress ACF Extended Bug Lets Anyone Become Admin

CVE-2025-14533 in the ACF Extended plugin allows unauthenticated attackers to register as administrators on 100,000 WordPress sites.

Marcus ChenJan 21, 2026

Vulnerabilities5 min read

SonicWall Patches Exploited SMA1000 Zero-Day Used in Chained RCE Attack

CVE-2025-40602 privilege escalation flaw combined with earlier vulnerability enables unauthenticated remote code execution on SonicWall appliances.

Marcus ChenDec 23, 2025