cve/2024/CVE-2024-6769.md

### [CVE-2024-6769](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6769)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2011&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=10.0.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-426%20Untrusted%20Search%20Path&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-427%20Uncontrolled%20Search%20Path%20Element&color=brightgreen)

### Description

A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt.

### POC

#### Reference
- https://github.com/fortra/CVE-2024-6769

#### Github
- https://github.com/Abdelhadi963/hInject
- https://github.com/Swayampadhy/CurveLock
- https://github.com/fortra/CVE-2024-6769
- https://github.com/nomi-sec/PoC-in-GitHub