Sınıf: Exploit
Exploits, açık veya kötü niyetli amaçlarla yerel veya uzak bilgisayarda çalışan yazılımlardaki bir veya daha fazla güvenlik açığından yararlanan veri veya yürütülebilir kod içeren programlardır. Çoğu zaman, kötü niyetli kullanıcılar, daha sonra kötü amaçlı kod yüklemek için (örneğin, tüm ziyaretçileri kötü niyetli bir programla tehlikeye girmiş bir web sitesine bulaştıracak şekilde) bir kurbanın bilgisayarına girmek için bir istismar kullanırlar. Ayrıca, kullanıcılardan herhangi bir işlem yapılmaksızın bir kurbanın bilgisayarını kesmek için, Net-Worms tarafından istismarlar yaygın olarak kullanılmaktadır. Nuker programları istismarlar arasında dikkate değerdir; Bu tür programlar, yerel veya uzak bilgisayarlara özel hazırlanmış istekleri göndererek sistemin çökmesine neden olur.Platform: Win64
Win64, 32/64-bit uygulamaların yürütülmesi için Windows tabanlı işletim sistemlerinde bir platformdur. Win64 programları, Windows'un 32 bit sürümlerinde başlatılamaz.Aile: Exploit.Win64.CVE-2026-20817
No family descriptionExamples
AFD05889579ADA51C0C6F33855431AA9Tactics and Techniques: Mitre*
TA0004
Privilege Escalation
The adversary is trying to gain higher-level permissions. Privilege Escalation consists of techniques that adversaries use to gain higher-level permissions on a system or network. Adversaries can often enter and explore a network with unprivileged access but require elevated permissions to follow through on their objectives. Common approaches are to take advantage of system weaknesses, misconfigurations, and vulnerabilities. Examples of elevated access include: SYSTEM/root level, local administrator, user account with admin-like access, user accounts with access to specific system or perform specific function. These techniques often overlap with Persistence techniques, as OS features that let an adversary persist can execute in an elevated context.
T1134
Access Token Manipulation
Adversaries may modify access tokens to operate under a different user or system security context to perform actions and bypass access controls. Windows uses access tokens to determine the ownership of a running process. A user can manipulate access tokens to make a running process appear as though it is the child of a different process or belongs to someone other than the user that started the process. When this occurs, the process also takes on the security context associated with the new token.
TA0005
Defense Evasion
The adversary is trying to avoid being detected. Defense Evasion consists of techniques that adversaries use to avoid detection throughout their compromise. Techniques used for defense evasion include uninstalling/disabling security software or obfuscating/encrypting data and scripts. Adversaries also leverage and abuse trusted processes to hide and masquerade their malware. Other tactics' techniques are cross-listed here when those techniques include the added benefit of subverting defenses.
T1134
Access Token Manipulation
Adversaries may modify access tokens to operate under a different user or system security context to perform actions and bypass access controls. Windows uses access tokens to determine the ownership of a running process. A user can manipulate access tokens to make a running process appear as though it is the child of a different process or belongs to someone other than the user that started the process. When this occurs, the process also takes on the security context associated with the new token.
* © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.