cve/2024/CVE-2024-6769.md

### [CVE-2024-6769](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6769)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2011&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-426%20Untrusted%20Search%20Path&color=brighgreen)

### Description

A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/Abdelhadi963/hInject
- https://github.com/Swayampadhy/CurveLock
- https://github.com/fortra/CVE-2024-6769
Update CVE sources 2025-09-29 16:08 2025-09-29 16:08:36 +00:00			`### [CVE-2024-6769](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6769)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2011&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-426%20Untrusted%20Search%20Path&color=brighgreen)`

			`### Description`

			`A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/Abdelhadi963/hInject`
			`- https://github.com/Swayampadhy/CurveLock`
			`- https://github.com/fortra/CVE-2024-6769`