This paper explains HiveNightmare (CVE-2021-36934), also known as SeriousSAM, a vulnerability in Windows 10 version 1809 and later. It is a zero-day privilege escalation vulnerability that takes advantage of overly permissive Access Control Lists (ACLs). An attacker able to execute code on a target host could exploit it to elevate their privileges to SYSTEM.

Key Pointers:

  • Understanding the vulnerability in Windows 10.
  • Taking a look at the severity, risk, and scope of impact of this vulnerability.
  • Understanding how to mitigate the vulnerability using the available workarounds.
  • Understanding the attack scenario and setting up the lab for exploitation.
  • Exploiting the vulnerability and obtaining SYSTEM access.
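Because the root cause is an overly permissive ACL, the first thing a defender wants is a quick way to tell whether a given host is exposed before applying the workarounds. The following PowerShell check is an added example and is not code from the paper; it assumes the hive file locations published in Microsoft's advisory for this CVE (`%windir%\System32\config\SAM`, `SECURITY` and `SYSTEM`) and treats any Allow entry granting Read to a non-administrative group as the weak setting. Run it from an elevated prompt so that `Get-Acl` succeeds on a correctly locked-down system.

```powershell
# Added example (not from the paper): report whether non-administrative
# principals hold read access on the registry hive files that CVE-2021-36934
# concerns. Hive paths are those named in Microsoft's public advisory.
$hives = @('SAM', 'SECURITY', 'SYSTEM') | ForEach-Object {
    Join-Path $env:SystemRoot "System32\config\$_"
}

# Identities that should never have read access to these files.
$nonAdminGroups = @(
    'BUILTIN\Users',
    'Everyone',
    'NT AUTHORITY\Authenticated Users'
)

function Test-HiveAcl {
    param([string]$Path)

    $acl = Get-Acl -LiteralPath $Path

    # Keep only Allow entries for a non-admin group that include the Read bit.
    $exposed = $acl.Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $nonAdminGroups -contains $_.IdentityReference.Value -and
        (($_.FileSystemRights -band
          [System.Security.AccessControl.FileSystemRights]::Read) -ne 0)
    }

    [pscustomobject]@{
        Hive       = $Path
        Vulnerable = [bool]$exposed
        GrantedTo  = ($exposed | ForEach-Object { $_.IdentityReference.Value }) -join ', '
        # A hive whose ACEs are not inherited from the config folder is the
        # condition the advisory's icacls /inheritance:e workaround repairs.
        Inherited  = -not $acl.AreAccessRulesProtected
    }
}

$results = $hives | ForEach-Object { Test-HiveAcl -Path $_ }
$results | Format-Table -AutoSize

if ($results.Vulnerable -contains $true) {
    Write-Warning 'At least one hive is readable by non-administrators; apply the advisory workarounds.'
}
```

A `Vulnerable = True` row means the ACL still matches the condition this paper describes. The mitigation steps Microsoft published for this CVE are to restore inheritance on the hive files (`icacls %windir%\system32\config\*.* /inheritance:e`) and then remove any existing Volume Shadow Copy Service snapshots, since earlier copies of the hives remain readable inside a shadow copy until it is deleted; re-running the check afterwards confirms the ACL part of the fix.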