Windows Container Manager Service CmsRpcSrv_CreateContainer Privilege Escalation

The Container Manager Service accepts an access token provided by the user without verification allowing an arbitrary process to be created with another user identity leading to privilege escalation.