Windows Client-Side Caching Service Vulnerability

HIGH (7.8)
cwe-476local-accesslow-complexity-vulnerabilitymicrosoftprivilege-elevation

Threat Intelligence

Low Risk
EPSS Score: 0.06% chance of exploitation (percentile: 19%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found

How we test →

What is it?

The Windows Client-Side Caching Service is a caching mechanism used by Windows to improve performance. However, this vulnerability allows an authorized attacker to elevate privileges locally, potentially leading to unauthorized access to sensitive data and system configuration.

Am I affected?

You're affected if you use Null pointer dereference. Specific version info not stated in the advisory.

How to fix

  1. Apply the security update from Microsoft Security Update Guide - Microsoft Security Response Center (https://www.microsoft.com/en-us/security/updates/).
  2. Immediate mitigations:
  3. Restrict network access to your system (firewall it from the public internet)
  4. Audit system activity for suspicious access patterns
  5. Monitor for unauthorized privilege elevation

References