HiveNightmare zero-day lets anyone be SYSTEM on Windows 10 and 11.


On Windows 10 and Windows 11, users with low rights can access critical Registry database files, making them vulnerable to SeriousSAM or HiveNightmare, a local elevation of privilege vulnerability.

A user can utilise SeriousSAM to access a variety of system files, including the Security Accounts Manager (SAM) database. A successful exploit of this issue might allow an attacker to execute arbitrary code with SYSTEM privileges.

Read More…