Threat Actor: Unknown | Unknown
Victim: Windows users | Windows
Price: $5,000
Exfiltrated Data Type: Not specified
Additional Information:
- The threat actor is selling a one-day vulnerability specifically for a Windows 1-day Local Privilege Escalation (LPE) exploit.
- The exploit is claimed to work on Windows 10-11 and all versions of Windows Server.
- The sale is said to be legitimate, and the threat actor offers to share proof of concept (POC) related to the exploit.
- The sale package includes the full-source code.
In a concerning turn of events, a threat actor has allegedly sale of a one-day vulnerability tailored explicitly for a Windows 1-day Local Privilege Escalation (LPE) exploit. The actor has claimed that it works on Windows 10-11 and all versions of Windows Server. In addition, the actor claims that the sale is legitimate and that they will share proof of concept (POC) related to it. The sale package includes the full-source code, with an initial asking price of $5,000.
Original Source: https://dailydarkweb.net/threat-actor-offers-new-windows-1-day-lpe-exploit-for-sale-at-5000/