USB Descriptor Flaw in Microsoft Windows Products
CVE-2013-3200

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Server 2008; Windows Rt; Windows Xp; Windows 8
Vendor: CVE Published:; 9 October 2013

What is CVE-2013-3200?

The vulnerability exists in the kernel-mode USB drivers of multiple Microsoft Windows operating systems, allowing an attacker with physical access to execute arbitrary code by connecting a specially crafted USB device. This risk highlights the importance of securing physical access to systems as attackers can exploit this flaw to introduce malicious payloads, compromising the integrity of the affected systems.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.us-cert.gov/ncas/alerts/TA13-288A

third-party-advisoryx_refsource_CERT

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 9, 2013
Vulnerability Reserved
Apr 17, 2013