#Windows Kernel

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker would only be able to delete empty folders on a vulnerable system in the context of the SYSTEM account. They would not gain privileges to view or modify file contents or delete folders containing files.

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**How could an attacker exploit the vulnerability?** A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target system. This vulnerability can be exploited through two different vectors: * **For the vulnerability to be exploited on the SMB Client**, an unauthenticated attacker would first need to configure a malicious SMBv3 server and convince a user to connect to it by enticing them to click a specially crafted link. * \*\*For the vulnerability to be exploited on the SMB Server \*\*, an authenticated attacker could send specially crafted packets from an SMB Client to a targeted SMBv3 Server.

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.