Last Modified: May 16, 2023
Win32k Elevation of Privilege Vulnerability
Tweets last week: 0
Remaining steady
Yahoo results: 160000
Slightly decreasing
Current EPSS Score: 0.002
Remaining steady
Reddit Posts: 2
Remaining steady
Github Repos: 2
Remaining steady
Found exploits:
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Base Score: 7.8
Exploitability Score:
1.8
Impact Score: 5.9
CVSS V3: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
NVD-CWE-noinfo
['alert file ( msg:"OS-WINDOWS Microsoft Windows local privilege escalation attempt"; file_data; content:"|81 3D F4 53 40 00 39 38 00 00 77 0F B8 9A 10 00 00 64 FF 15 C0 00 00 00 C3 EB 0D B8 98 10 00 00 64 FF 15 C0 00 00 00 C3|",fast_pattern,nocase; metadata:policy max-detect-ips drop,policy security-ips drop; reference:cve,2023-29336; reference:url,portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2023-29336; classtype:attempted-admin; gid:1; sid:300527; rev:1; )\n']
| Condition | Configuration | |
|---|---|---|
| OR | ||
| OR | ||
| cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* Part: o Vendor: microsoft | Alle Schwachstellen für microsoft | |
| cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* Part: o Vendor: microsoft | Alle Schwachstellen für microsoft | |
| cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* Part: o Vendor: microsoft | Alle Schwachstellen für microsoft | |
| cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:* Part: o Vendor: microsoft | Alle Schwachstellen für microsoft | |
| cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* Part: o Vendor: microsoft | Alle Schwachstellen für microsoft | |
| cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:* Part: o Vendor: microsoft | Alle Schwachstellen für microsoft | |
| cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:* Part: o Vendor: microsoft | Alle Schwachstellen für microsoft | |
CWE-ID:
Not defined
Configuration:
added:
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*
<?xml version="1.0" ?>
<set operator="and">
<set operator="or">
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*"/>
</set>
</set>
<?xml version="1.0" ?>
<set operator="and">
<set operator="or">
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*"/>
</set>
<prop key="program_influence" value="input"/>
</set>