{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/lldp/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7,"id":"CVE-2026-34341"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Link-Layer Discovery Protocol (LLDP)"],"_cs_severities":["high"],"_cs_tags":["lldp","double-free","privilege-escalation","windows"],"_cs_type":"advisory","_cs_vendors":["Microsoft"],"content_html":"\u003cp\u003eCVE-2026-34341 is a double free vulnerability residing in the Windows Link-Layer Discovery Protocol (LLDP). Successful exploitation of this vulnerability allows an authenticated attacker with local access to elevate their privileges on the targeted system. The vulnerability was published on May 12, 2026, and has a CVSS v3.1 score of 7.0, indicating a high severity. This vulnerability allows a local attacker to gain higher privileges, potentially leading to complete system compromise. Defenders should prioritize patching systems to prevent exploitation.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker gains initial local access to a Windows system.\u003c/li\u003e\n\u003cli\u003eAttacker crafts a malicious LLDP packet or triggers a specific sequence of LLDP operations.\u003c/li\u003e\n\u003cli\u003eThe crafted packet or operations cause the LLDP service to allocate and subsequently free a memory region.\u003c/li\u003e\n\u003cli\u003eA separate part of the attacker-controlled process causes the same memory region to be freed a second time.\u003c/li\u003e\n\u003cli\u003eThis double free corrupts the heap metadata.\u003c/li\u003e\n\u003cli\u003eThe heap corruption leads to a controlled write primitive.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the controlled write to overwrite critical system structures.\u003c/li\u003e\n\u003cli\u003eThe attacker leverages the memory corruption to achieve arbitrary code execution and escalate privileges to SYSTEM.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-34341 allows a local attacker to elevate their privileges on the targeted Windows system. This could lead to complete system compromise, including data theft, malware installation, or disruption of services. The scope is limited to local access, but the impact is significant given the potential for full system control.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the Microsoft patch for CVE-2026-34341 as soon as possible to remediate the double free vulnerability (\u003ca href=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34341\"\u003ehttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34341\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eMonitor systems for suspicious LLDP activity, particularly processes interacting with the LLDP service, using the provided Sigma rules.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-12T18:23:49Z","date_published":"2026-05-12T18:23:49Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-34341-lldp-double-free/","summary":"CVE-2026-34341 is a double free vulnerability in the Windows Link-Layer Discovery Protocol (LLDP) that allows an authorized attacker to elevate privileges locally with a CVSS v3.1 score of 7.0.","title":"CVE-2026-34341: Windows LLDP Double Free Privilege Escalation","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-34341-lldp-double-free/"}],"language":"en","title":"CraftedSignal Threat Feed — Lldp","version":"https://jsonfeed.org/version/1.1"}