Elevation of Privilege Vulnerability Affects Microsoft Streaming Service

CVE-2023-29360
8.4HIGH

Key Information

Vendor
Microsoft
Status
Windows 10 Version 1809
Windows Server 2019
Windows Server 2019 (server Core Installation)
Windows Server 2022
Vendor
CVE Published:
14 June 2023

Badges

👾 Exploit Exists🔴 Public PoC📰 News Worthy

Summary

The Microsoft Streaming Service has a high-severity elevation of privilege vulnerability known as CVE-2023-29360, with a CVSS score of 8.4, that is currently being actively exploited in the wild by the Raspberry Robin malware. The vulnerability allows attackers to gain System privileges and impacts Windows 10 and 11, as well as Windows Server 2016, 2019, and 2022. The Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog and has ordered US federal agencies to patch it by March 21. Organizations using the Microsoft Streaming Service are advised to prioritize patching to protect against potential attacks.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2023-29360 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace as recent news articles suggest the vulnerability is being used by ransomware groups.

The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Windows 10 Version 1809 < 10.0.17763.4499

Windows Server 2019 < 10.0.17763.4499

Windows Server 2019 (Server Core installation) < 10.0.17763.4499

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

cve-2023-29360
Created by Nero22k

CVE-2023-29360
Created by 0xDivyanshu-new

News Articles

favicon imageThe Tech Report

Cybersecurity Agency CISA Warns of a Highly Severe Vulnerability in Microsoft Streaming Service

The Cybersecurity and Infrastructure Security Agency (CISA), a US-based cybersecurity agency, added a high-severity elevation of privilege flaw i Microsoft Streaming Service to its Known Exploited...

7 months ago

favicon imageSC Media

CISA: Active exploitation of Microsoft Streaming Service bug should prompt urgent patching

Immediate patching of the high-severity Microsoft Streaming Service flaw, tracked as CVE-2023-29360, has been urged .

7 months ago

favicon imageSecurityWeek

CISA Warns of Windows Streaming Service Vulnerability Exploitation

CISA says a high-severity elevation of privilege vulnerability in Microsoft Streaming Service is actively exploited in the wild.

7 months ago

CVSS V3.1

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit exists.

  • First article discovered by Security Intelligence

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre DatabaseCISA Database2 Proof of Concept(s)6 News Article(s)
.