3D Viewer Remote Code Execution Vulnerability
CVE-2023-36739

7.8HIGH

Key Information:

Vendor: Microsoft
Status: 3d Viewer
Vendor: CVE Published:; 12 September 2023

What is CVE-2023-36739?

A vulnerability in the 3D Viewer application allows remote code execution, potentially enabling an attacker to execute arbitrary code on the affected system. This could result in unauthorized access to sensitive data or control over the device. Users are encouraged to apply security updates promptly to mitigate any risks associated with this issue.

Affected Version(s)

3D Viewer Unknown 7.0.0 < 7.2306.12012.0

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 12, 2023
Vulnerability Reserved
Jun 26, 2023

Microsoft

What is CVE-2023-36739?

Affected Version(s)

References

CVSS V3.1

Timeline