Isolate me from sandbox - Explore elevation of privilege of CNG Key Isolation

Author: k0shl of Cyber KunlunSummary

In recently months, Microsoft patched vulnerabilities I reported in CNG Key Isolation service, assigned CVE-2023-28229 and CVE-2023-36906, the CVE-2023-28229 incl......

Break me out of sandbox in old pipe - CVE-2022-22715 Windows Dirty Pipe

Author: k0shl of Cyber Kunlun

In February 2022, Microsoft patched the vulnerability I used in TianfuCup 2021 for escaping Adobe Reader sandbox, assigned CVE-2022-22715. The vulnerability existed in N......

The Story Of CVE-2021-1648

Author: k0shl of 360 Vulcan Team


In January 2021 patch tuesday, MSRC patched a vulnerability in splwow64 service, assigned to CVE-2021-1648(also known as CVE-2020-17008), which merged my tw......