
Hackers Exploit Privilege Escalation Flaw on Windows Backup Service

Threat actors have been observed exploiting a privilege escalation vulnerability in the Windows Backup and Restore service.

“[…] CVE-2023-21752 is a vulnerability which lets an essential person to execute arbitrary code on a host to delete documents from [a] specified storage route, from Windows Backup and Restore services,” wrote security researchers at CloudSEK. “This motion is only doable by privileged people.”

Further, the exploit could be leveraged for privilege escalation on a host from standard user to system user, thereby allowing account takeovers.

“The vulnerability is activated utilizing the Race Condition among momentary file development and deletion, which will take area subsequent the authentication course of action,” the CloudSEK advisory reads.

“Windows hosts that observe irregular patch installations are subjected to risk, with risk actors potentially utilizing the exploit in the wild. The bare prerequisite is to have a regional account on the focused method.”

The high-severity vulnerability has a CVSS base score of 7.1 and affects Windows 7, 10 and 11 OS versions. It was patched by Microsoft in its first Patch Tuesday of 2023. 0patch also released a separate fix for the flaw on January 31.

“Our micro patch is logically equivalent to Microsoft’s, but to limit its complexity and code measurement, we opted for a less difficult naming of the short-term file,” wrote the security researchers. “This is to accommodate multiple backup procedures using the similar route at the exact same time, which is unlikely but not impossible.”

Returning to the CloudSEK advisory, the company said it spotted threat actors discussing the vulnerability on a Russian-speaking cybercrime forum and on Telegram channels.

“A model new vulnerability was uncovered on January 10 in the Windows Backup company,” reads a Telegram post found and shared by CloudSEK. “The vulnerability will make it straightforward to elevate privileges from the user level to [local privilege escalation].”

The firm’s advisory comes days after Microsoft announced patches for about 70 CVEs this month, including three zero-days.

Some parts of this article are sourced from:
www.infosecurity-magazine.com
