{"uuid": "8c8e338f-4090-476b-8c0e-66b8eab03251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-0952", "type": "published-proof-of-concept", "source": "https://t.me/ExcreamOnSecurity/97", "content": "CVE-2018-0952: Privilege Escalation Vulnerability in Windows Standard Collector Service\n\nThe Diagnostics Hub Packaging library, used by Windows Standard Collector Service, can be forced to copy an arbitrary file to an arbitrary location due to lack of client impersonation in DiagnosticsHub.StandardCollector.Runtime.dll.\n\nPoC: https://github.com/atredispartners/CVE-2018-0952-SystemCollector/blob/master/README.md\n\nWriteup: https://www.atredis.com/blog/cve-2018-0952-privilege-escalation-vulnerability-in-windows-standard-collector-service\n\n#exploitation #windows #eop", "creation_timestamp": "2019-05-01T08:09:40.000000Z"}