CWE-422
Unprotected Windows Messaging Channel ('Shatter')
The product does not properly verify the source of a message in the Windows Messaging System while running at elevated privileges, creating an alternate channel through which an attacker can directly send a message to the product.
Official CWE-422 definition at MITREImpactr finds and proves weaknesses like CWE-422 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist