LocalPotato NTLM Authentication Vulnerability (CVE-2023-21746)

Windows[German]In mid-January 2023 month, I had pointed out a local NTLM authentication vulnerability (CVE-2023-21746) in my German blog post Nach RemotePotato0 kommt die Windows Local Potato NTLM-Schwachstelle (CVE-2023-21746). The two security researchers Andrea Pierini &anAntonio Cocomazzi refer to this as LocalPotator, but had not disclosed details at the time. Now the security researcher has disclosed the details of this vulnerability within the article LocalPotato – When Swapping The Context Leads You To SYSTEM. Microsoft has already patched this vulnerability with the January 2023 updates for Windows.


Advertising

This entry was posted in Security, Windows and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *