Elevation of Privilege Vulnerability Affects Microsoft Streaming Service
CVE-2023-29360

8.4HIGH

Key Information:

Vendor
Microsoft
Status
Windows 10 Version 1809
Windows Server 2019
Windows Server 2019 (server Core Installation)
Windows Server 2022
Vendor
CVE Published:
14 June 2023

Badges

πŸ’° RansomwareπŸ‘Ύ Exploit Exists🟑 Public PoCπŸ¦… CISA ReportedπŸ“° News Worthy

Summary

The Microsoft Streaming Service has a high-severity elevation of privilege vulnerability known as CVE-2023-29360, with a CVSS score of 8.4, that is currently being actively exploited in the wild by the Raspberry Robin malware. The vulnerability allows attackers to gain System privileges and impacts Windows 10 and 11, as well as Windows Server 2016, 2019, and 2022. The Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog and has ordered US federal agencies to patch it by March 21. Organizations using the Microsoft Streaming Service are advised to prioritize patching to protect against potential attacks.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace as recent news articles suggest the vulnerability is being used by ransomware groups.

The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.5989

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.4499

Windows 10 Version 1809 ARM64-based Systems 10.0.0 < 10.0.17763.4499

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

cve-2023-29360
Created by Nero22k

CVE-2023-29360
Created by 0xDivyanshu-new

News Articles

favicon imageThe Tech Report

Cybersecurity Agency CISA Warns of a Highly Severe Vulnerability in Microsoft Streaming Service

The Cybersecurity and Infrastructure Security Agency (CISA), a US-based cybersecurity agency, added a high-severity elevation of privilege flaw i Microsoft Streaming Service to its Known Exploited...

10 months ago

favicon imageSC Media

CISA: Active exploitation of Microsoft Streaming Service bug should prompt urgent patching

Immediate patching of the high-severity Microsoft Streaming Service flaw, tracked as CVE-2023-29360, has been urged .

10 months ago

favicon imageSecurityWeek

CISA Warns of Windows Streaming Service Vulnerability Exploitation

CISA says a high-severity elevation of privilege vulnerability in Microsoft Streaming Service is actively exploited in the wild.

10 months ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

EPSS Score

3% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟑

    Public PoC available

  • πŸ’°

    Used in Ransomware

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ¦…

    CISA Reported

  • πŸ“°

    First article discovered by Security Intelligence

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre DatabaseCISA Database2 Proof of Concept(s)6 News Article(s)
.