← ExploitWatch
HomeExploited Vulnerabilities

CVE-2002-0367 — Actively Exploited: Windows (Microsoft)

smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.

CVE IDCVE-2002-0367
VendorMicrosoft
ProductWindows
Vulnerability nameMicrosoft Windows Privilege Escalation Vulnerability
Date added2022-03-03
Remediation due2022-03-24
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
Descriptionsmss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →