Skype for Business Elevation of Privilege Vulnerability
Key Information
- Vendor
- Microsoft
- Status
- Skype For Business Server 2015 Cu13
- Skype For Business Server 2019 Cu7
- Vendor
- CVE Published:
- 10 October 2023
Badges
Summary
Skype for Business Elevation of Privilege Vulnerability
CISA Reported
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2023-41763 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
Skype for Business Server 2015 CU13 < 6.0.9319.869
Skype for Business Server 2019 CU7 < 7.0.246.530
News Articles
EPSS Score
61% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
First article discovered by The Record from Recorded Future News
- 👾
Exploit exists.
Vulnerability published.
Vulnerability Reserved.