SysInternals Sysmon for Windows Elevation of Privilege Vulnerability
CVE-2023-29343

7.8HIGH

Key Information:

Vendor: Microsoft
Status: Windows Sysmon
Vendor: CVE Published:; 9 May 2023

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 16%

Summary

An elevation of privilege vulnerability exists in SysInternals Sysmon for Windows that could allow an attacker to gain heightened privileges within the affected system. This flaw may enable an unauthorized user to execute arbitrary code or control system processes, leading to serious security risks. Organizations using Sysmon should prioritize applying security updates to mitigate potential threats associated with this vulnerability.

Affected Version(s)

Windows Sysmon Unknown 1.0 < 14.16

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-29343
Created by Wh04m1001

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

EPSS Score

16% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Jun 18, 2023
👾
Exploit known to exist
Jun 18, 2023
Vulnerability published
May 9, 2023
Vulnerability Reserved
Apr 4, 2023