On April 12, 2022, Microsoft published CVE-2022-24527, a local privilege escalation vulnerability in Microsoft Connected Cache. The vulnerability allowed a local low-privileged user to execute arbitrary Powershell as SYSTEM due to improper file permission assignment (CWE-732).
Connected Cache is a feature used by Microsoft Endpoint Manager “Distribution Points” to support “Delivery Optimization.”
This post was created with our nice and easy submission form. Create your post!
GIPHY App Key not set. Please check settings