“To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application on the target system to exploit the vulnerability to elevate their privileges to a Medium Integrity Level.”
The second exploited zero-day, CVE-2024-43451, earns a lower CVSS score of 6.5 but will still be a worry, given that it’s a hash disclosure flaw in the now-deprecated NTLMv2 affecting all versions of Windows stretching back to Windows Server 2008.
For a hacker, the most direct route past security is to defeat or bypass authentication in some way. That can be done by stealing passwords, but also by stealing their hashes. In the case of this flaw, that would allow an attacker to conduct a pass-the-hash attack by siphoning off the hash from memory before using it to authenticate on a target system.