CVE-2021-1732 vulnerability occurs within win32k allowing an attacker to escalate privileges from a normal user to NT AUTHORITY\SYSTEM. This paper will explain where the bug exists which can lead an attacker to achieve an out-of-bounds write operation letting them increase their authority and control on a device.
Key Pointers:
- Understanding some important key words used throughout this paper
- Understanding the vulnerability and how it works
- Mapping the scope of impact and severity of this vulnerability
- Available patches and mitigations
- Setting up the virtual environment and demonstrating the exploit
