Recently a vulnerability in Microsoft's Cortana (CVE2018-8140) has been patched. Mcafee made a blog post about it explaining some background information. There is also a video showing a Proof of Concept, resetting the password of a computer and logging in.
Now I am trying to recreate this PoC purely out of curiosity and interest. I am able to execute a PowerShell script trough Cortana on the login screen but I am unable to reset or change a password. Clearly, I do not have the rights to do this without logging in and thereby accepting the UAC.
The PS script is as follows
[console]::beep(2000,1000)
net user Username newpassword
I am not asking for programming help but I would like to know if I am missing something important about this vulnerability. Does anyone know how to execute a elevated PowerShell script using the recent Cortana vulnerability? Or the method used to reset the password as shown in the video.