Windows MMC Framework Zero-Day Exploited to Execute Malicious Code
Posted: Sun Mar 30, 2025 6:36 am
Trend Research has uncovered a sophisticated campaign by the Russian threat actor Water Gamayun, exploiting a zero-day vulnerability in the Microsoft Management Console (MMC) framework.
The vulnerability, dubbed MSC EvilTwin (CVE-2025-26633), allows attackers to execute malicious code on infected machines.
The attack manipulates .msc files and the Multilingual User Interface Path (MUIPath) to download and execute malicious payloads, maintain persistence, and exfiltrate sensitive data from compromised systems.
https://gbhackers.com/windows-mmc-frame ... exploited/