#Windows Server Service

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** A user would have to restart the compromised service on the server to trigger the vulnerability.

**How could an attacker exploit the vulnerability?** To exploit this vulnerability, an attacker would need to send a specially crafted malicious MSMQ packet to a MSMQ server. This could result in remote code execution on the server side.

**According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?** The attacker must be authenticated to be able to exploit this vulnerability.

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this vulnerability could execute RPC procedures that are restricted to privileged accounts, bypassing the access check for the RPC procedures.

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents.

**How could an attacker exploit this vulnerability?** For successful exploitation, a malicious certificate needs to be imported on an affected system. An authenticated attacker could remotely upload a certificate to the Server service.

**What type of information could be disclosed by this vulnerability?** The presence of specific file names and users can be confirmed over the internal network.