The 2022 Pwnie Winner For Best Remote Code Execution Bug

Windows RPC Runtime Remote Code Execution (CVE-2022-26809)

Link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809

Researchers: https://twitter.com/KunlunLab

Remote Procedure Call (RPC) is used everywhere in Windows systems. In 2021, BugHunter010 at Cyber KunLun Lab discovered a heap-buffer-overflow vulnerability in the RPC protocol with a CVSS score of 9.8. This bug has existed in Windows for more than 20 years and could be exploited in various places and ways to achieve unauthenticated remote code execution or privilege escalation.