CVE-2002-0367

smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges. Vendor/Product: Microsoft Windows. Added to CISA KEV 2022-03-03; required action: Apply updates per vendor instructions.