CVE-2023-35356
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
11/07/2023
Last modified:
01/01/2025
Description
Windows Kernel Elevation of Privilege Vulnerability
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:* | 10.0.14393.6085 (excluding) | |
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:* | 10.0.17763.4645 (excluding) | |
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* | 10.0.19041.3208 (excluding) | |
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* | 10.0.19045.3208 (excluding) | |
cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:* | 10.0.22000.2176 (excluding) | |
cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* | 10.0.22621.1992 (excluding) | |
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35356
- http://packetstormsecurity.com/files/174115/Microsoft-Windows-Kernel-Arbitrary-Read.html
- http://packetstormsecurity.com/files/174118/Microsoft-Windows-Kernel-Security-Descriptor-Use-After-Free.html
- http://packetstormsecurity.com/files/176451/Microsoft-Windows-Registry-Predefined-Keys-Privilege-Escalation.html
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35356