Windows Common Log File System Driver Elevation of Privilege Vulnerability
Key Information
- Vendor: Microsoft
- Status
- Windows 11 Version 22H3
- Windows Server 2022, 23H2 Edition (Server Core installation)
- Windows 11 Version 23H2
- Windows 10 Version 1809
- CVE Published: 14 November 2023
Summary
CVE-2023-36424 is a high-severity vulnerability in the Windows Common Log File System Driver that could be exploited to elevate privileges from Medium to High Integrity Level. The release of proof-of-concept (PoC) code by security researcher Nassim-Asrir has brought new urgency to the situation, as it demonstrates how a malicious actor could exploit this bug to gain full control over a targeted system. The vulnerability arises from how Windows handles data from NTFS reparse points, and attackers could use this flaw to install malware and ransomware, steal data, and disrupt or destroy systems. Organizations should apply the relevant Microsoft Patch Tuesday update from November 2023 immediately to protect against exploitation.
Affected Version(s)
Windows 11 version 22H3 < 10.0.22631.2715
Windows Server 2022, 23H2 Edition (Server Core installation) < 10.0.25398.531
Windows 11 Version 23H2 < 10.0.22631.2715
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that a vulnerability can be exploited. PoC code is also a key component for weaponization, which could lead to ransomware.
News Articles
PoC released for the Windows Vulnerability - CVE-2023-36424
A security researcher has published details and proof-of-concept code for a Windows CVE-2023-36424 vulnerability that could be exploited to elevate privileges from a Medium Integrity Level to a High Integrity Level. The vulnerability is assigned a CVSS score of 7.8; this flaw could allow attackers t...
6 months ago
Windows Privilege Escalation Flaw (CVE-2023-36424): Exploit Code Released, Patch Urgently Needed
A security researcher has published details and proof-of-concept (PoC) code for a Windows CVE-2023-36424 vulnerability
6 months ago
Windows Common Log File System Driver EoP Flaw Gets PoC Exploit
Proof-of-concept (PoC) exploit code has been published for a Windows kernel vulnerability tracked as CVE-2023-36424.
9 months ago
EPSS Score
1% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- Exploit exists.
- Vulnerability started trending.
- First article discovered by SSD Secure Disclosure.
- Vulnerability published.
- Vulnerability reserved.