Paint 3D Remote Code Execution Vulnerability
CVE-2023-32047

7.8HIGH

Key Information:

Vendor: Microsoft
Status: Paint 3d
Vendor: CVE Published:; 11 July 2023

Summary

The Paint 3D application is susceptible to a remote code execution vulnerability that allows an attacker to execute arbitrary code on the affected system. This seamless flaw can be exploited by exploiting specially crafted files, potentially compromising user data and system integrity. It is crucial for users of Paint 3D to apply security updates promptly to mitigate risks associated with this vulnerability.

Affected Version(s)

Paint 3D Unknown 6.0.0 < 6.2305.16087.0

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 11, 2023
Vulnerability Reserved
May 1, 2023