LocalPotato NTLM Authentication Vulnerability (CVE-2023-21746)

Posted on 2023-02-11 by guenni

Windows[German]In mid-January 2023 month, I had pointed out a local NTLM authentication vulnerability (CVE-2023-21746) in my German blog post Nach RemotePotato0 kommt die Windows Local Potato NTLM-Schwachstelle (CVE-2023-21746). The two security researchers Andrea Pierini &anAntonio Cocomazzi refer to this as LocalPotator, but had not disclosed details at the time. Now the security researcher has disclosed the details of this vulnerability within the article LocalPotato – When Swapping The Context Leads You To SYSTEM. Microsoft has already patched this vulnerability with the January 2023 updates for Windows.

This entry was posted in Security, Windows and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).