LocalPotato NTLM Authentication Vulnerability (CVE-2023-21746)

Windows[German]In mid-January 2023 month, I had pointed out a local NTLM authentication vulnerability (CVE-2023-21746) in my German blog post Nach RemotePotato0 kommt die Windows Local Potato NTLM-Schwachstelle (CVE-2023-21746). The two security researchers Andrea Pierini &anAntonio Cocomazzi refer to this as LocalPotator, but had not disclosed details at the time. Now the security researcher has disclosed the details of this vulnerability within the article LocalPotato – When Swapping The Context Leads You To SYSTEM. Microsoft has already patched this vulnerability with the January 2023 updates for Windows.


This entry was posted in Security, Windows and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *