Exploit code has been released for an unpatched Windows local privilege escalation flaw dubbed BlueHammer that can grant SYSTEM or elevated administrator permissions. The proof-of-concept was published by a researcher using the aliases Chaotic Eclipse and Nightmare-Eclipse after a disclosure dispute with Microsoft. Researchers confirm that, despite bugs in the published code, it can access the SAM database and enable full system compromise, and no official patch is available.
Key points
- BlueHammer is an unpatched Windows local privilege escalation vulnerability that can yield SYSTEM privileges.
- A researcher using the aliases Chaotic Eclipse and Nightmare-Eclipse published exploit code after a dispute with Microsoft’s MSRC.
- The PoC combines a time-of-check to time-of-use (TOCTOU) race condition and path confusion to gain access to the SAM database, which stores local password hashes.
- Researchers confirmed the exploit can work on endpoints, but the published code contains bugs and is less reliable on Windows Server.
- No official patch has been released, leaving systems at risk if attackers obtain local access through other vectors.