Blog Security Research Call and Register — Relay Attack on WinReg RPC Client Stiv Kupchik is a Security Researcher Team Lead at Akamai. His research projects revolve around OS internals, vulnerability research, and malware analysis. He has presented his research at conferences such as Black Hat, Hexacon, and 44CON. In addition to being a cybersecurity professional, Stiv also has a BSc in physics. Akamai researcher Stiv Kupchik found a new elevation of privilege (EoP) vulnerability in Microsoft’s Remote Registry client. Executive summary \r\n Akamai researcher Stiv Kupchik found a new elevation of privilege (EoP) vulnerability in Microsoft’s Remote Registry client, CVE-2024-43532 , with a CVSS score of 8.8. \r\n \r\n The vulnerability abuses a fallback mechanism in the WinReg client implementation that uses obsolete transport protocols insecurely if the SMB transport is unavailable.…