Tag
#windows
**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
**According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability?** An attacker needs physical access to the target computer to plug in a malicious USB drive.
**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
**According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?** An unauthorized attacker must wait for a user to initiate a connection.
**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.
**Is there a prerequisite for installing the security update?** Yes. For **Windows Server 2012 R2 only**, to apply this update, you must have KB2919355 installed.
**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
**How could an attacker exploit this vulnerability?** An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine.
**According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?** This attack requires an admin user on the client to connect to a malicious server, and that could allow the attacker to gain code execution on the client.
**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this vulnerability could trick Windows Code Integrity Guard (CIG) into trusting the file the attacker altered to contain arbitrary content bypassing CIG integrity checks.