Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2023-36424
7.8 HIGH

Key Information

Vendor
Microsoft
Status
Windows 11 Version 22H3
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2
Windows 10 Version 1809
Vendor
CVE Published: 14 November 2023

Badges

😄 Trended, 👾 Exploit Exists, 🔴 Public PoC, 📰 News Worthy

Summary

CVE-2023-36424 is a high-severity vulnerability in the Windows Common Log File System Driver that could be exploited to elevate privileges from Medium to High Integrity Level. The release of proof-of-concept (PoC) code by security researcher Nassim-Asrir has brought new urgency to the situation, as it demonstrates how a malicious actor could exploit this bug to gain full control over a targeted system. The vulnerability arises from how Windows handles data from NTFS reparse points, and attackers could use this flaw to install malware and ransomware, steal data, and disrupt or destroy systems. Organizations should apply the relevant Microsoft Patch Tuesday update from November 2023 immediately to protect against exploitation.

Affected Version(s)

Windows 11 version 22H3 < 10.0.22631.2715

Windows Server 2022, 23H2 Edition (Server Core installation) < 10.0.25398.531

Windows 11 Version 23H2 < 10.0.22631.2715

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that a vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

EPSS Score

1% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • 👾 Exploit exists.

  • Vulnerability started trending.

  • First article discovered by SSD Secure Disclosure

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD Database, Mitre Database, Microsoft Feed, 1 Proof of Concept(s), 4 News Article(s)