Threat Actor Selling Windows Lpe 0-day Exploit For $120,000
Category

Threat Actor: Unknown | Unknown
Victim: Windows users | Windows users
Price: $120,000
Exfiltrated Data Type: Not specified

Additional Information:

  • The exploit targets multiple versions of Windows, including the latest releases such as Windows Server 2022, Windows 11, and Windows 10.
  • The exploit claims to raise privileges from medium to system level in just 2 seconds with a success rate of 99.4%.
  • The package includes both the source code and detailed documentation written in C++.
  • No artifacts are left during execution, making the exploit highly stable.
  • The sale of this exploit highlights the ongoing threats posed by cybercriminals and the vulnerabilities in widely used operating systems.
  • Organizations are advised to apply security patches promptly and implement comprehensive cybersecurity measures to mitigate the risks.

A threat actor has announced the sale of a Windows Local Privilege Escalation (LPE) 0-day exploit, which reportedly affects multiple versions of Windows operating systems, including the latest releases. This alarming development has been disclosed through an underground marketplace, with the threat actor providing detailed specifications and capabilities of the exploit.

Threat Actor’s Announcement:

The exploit, which is advertised for $120,000, purportedly targets the following versions of Windows:

Windows Server 2022
Windows Server 23H2
Windows Server 2019
Windows 10 22H2
Windows 10 21H2
Windows 10 1809
Windows 11 23H2
Windows 11 22H2
Windows 11 21H2

According to the threat actor, the exploit raises privileges from medium to system level in just 2 seconds, boasting a success rate of 99.4%. Written in C++, the package includes both the source code and detailed documentation.

Technical Details:

The exploit is claimed to be highly stable, with no artifacts left during execution. Such a capability would allow attackers to execute code with elevated privileges on compromised systems, potentially leading to significant security breaches.

Security Implications:

The sale of this Windows LPE 0-day exploit underscores the ongoing threats posed by sophisticated cybercriminals and the persistent vulnerabilities within widely used operating systems. The availability of such an exploit in underground markets can lead to serious consequences for businesses and individuals relying on affected Windows versions.

Organizations are urged to remain vigilant, apply security patches promptly, and adopt comprehensive cybersecurity measures to mitigate the risks posed by such critical vulnerabilities.

Original Source: https://dailydarkweb.net/threat-actor-claims-to-be-selling-windows-lpe-0-day-exploit-for-120000/