Windows ALPC Elevation of Privilege Vulnerability
CVE-2023-21674

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Windows 10 Version 1809; Windows Server 2019; Windows Server 2019 (server Core Installation); Windows Server 2022
Vendor: CVE Published:; 10 January 2023

Badges

👾 Exploit Exists🦅 CISA Reported📰 News Worthy

What is CVE-2023-21674?

A recently patched Windows zero-day vulnerability, CVE-2023-21674, was exploited in the wild, with exploitation activity detected by Avast threat researchers. The vulnerability, which allowed for an elevation of privilege, was included in January's Patch Tuesday by Microsoft. It was actively exploited, and organizations are urged to patch their systems immediately. Exploitation was discovered to be part of a larger infection chain potentially through a browser, and further exploitation activities were observed. Though Microsoft released a fix, the full exploit chain is not yet known.

CISA has reported CVE-2023-21674

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2023-21674 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply updates per vendor instructions.

Affected Version(s)

Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.19685

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.5648

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.3887

News Articles

TechTarget

CVE-2023-21674

Windows zero day patched but exploitation activity unclear | TechTa...

Avast detected a recently patched Windows zero-day flaw being exploited in the wild and urged users to patch.

CRN Magazine

CVE-2023-21674

Microsoft Seeing Exploits Of Windows Zero Day Vulnerability | CRN

As part of Patch Tuesday for January 2023, Microsoft said it has released a patch for a Windows zero day vulnerability (CVE-2023-21674) that is seeing exploitation in the wild.

Krebs on Security

CVE-2023-21674

Microsoft Patch Tuesday, January 2023 Edition

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. National…

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

EPSS Score

8% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by Help Net Security
Mar 12, 2024
👾
Exploit known to exist
Jan 10, 2023
🦅
CISA Reported
Jan 10, 2023
Vulnerability published
Jan 10, 2023
Vulnerability Reserved
Dec 13, 2022