Researcher details the CVE-2022-26809 PoC


CVE-2022-26809 PoC (proof-of-concept) exploit code is about to be published for a vulnerability that allows an attacker to gain remote code execution on the server-side.
Microsoft released patches for CVE-2022-26809 in Microsoft’s April 2022 Patch Tuesday, reportedly a zero-click exploit targeting Microsoft RPC services. It also has the highest CVSS score (9.8) and severity (Critical). This flaw exists in the Windows Remote Procedure Call Runtime library impacting all supported Windows products.

Read more…