How to exploit 7-zip's privilege escalation vulnerability (CVE-2022-29072)
In this video, I show you have easy it is for an attacker to exploit the 7-zip vulnerability. This vulnerability requires an attacker connect to your system already, but has a limited account. This exploit allows the attacker to gain administrator level access by abusing the weakness in 7-zip.
Mitigations
Option 1: If 7-zip does not update, deleting the 7-zip.chm file will be sufficient to stop the vulnerability.
Option 2: Uninstall it and wait for the vendor to release an updated version that addresses this problem.
#pentesting #infosec #lockardsecurity #cve-2022-29072 #exploit #ethicalhacking #ceh #oscp #7-zip #hacking #privilegeescalation #redteam #purpleteam #blueteam #cybersecurity
