smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.01396Percentile:
0.79545
CVSS Scoring
CVSS v3.1 Score: 7.8
Severity: HIGH
KEV is present
Mapped CWE(s)
CWE-269
: Improper Privilege Management
All CAPEC(s)
CAPEC-122 : Privilege Abuse
CAPEC-233 : Privilege Escalation
CAPEC-58 : Restful Privilege Elevation
CAPEC(s) with Mapped TTPs
CAPEC-122 : Privilege Abuse
Mapped TTPs:
T1548
: Abuse Elevation Control Mechanism
CAPEC-233 : Privilege Escalation
Mapped TTPs:
T1548
: Abuse Elevation Control Mechanism
Mapped ATT&CK TTPs
T1548
: Abuse Elevation Control Mechanism
Kill Chain: privilege-escalation
T1548
: Abuse Elevation Control Mechanism
Kill Chain: privilege-escalation
Malware
APTs Threat Group Associations
Campaigns
Affected Products
cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:-:*:*:terminal_server:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me