NIGHTMARE Eclipse, a security researcher, has released a new zero-day exploit called LegacyHive that targets a local privilege escalation vulnerability in Windows User Profile Service. This exploit allows attackers to gain access to other users' hives, including administrators'. The proof-of-concept (PoC) exploit requires standard user credentials and a third username, usually an administrator account, to function.
LegacyHive is a continuation of previous exploits released by Nightmare Eclipse, including BlueHammer and GreenPlasma. Microsoft has not yet acknowledged this new vulnerability, and SecurityWeek has reached out for a comment.