CVE-2023-36424 | THREATINT

Description

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Reserved 2023-06-21 | Published 2023-11-14 | Updated 2025-01-01 | Assigner microsoft

HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-125: Out-of-bounds Read

Product status

10.0.22631.0 before 10.0.22631.2715

affected

10.0.25398.0 before 10.0.25398.531

affected

10.0.22631.0 before 10.0.22631.2715

affected

10.0.17763.0 before 10.0.17763.5122

affected

10.0.0 before 10.0.17763.5122

affected

10.0.17763.0 before 10.0.17763.5122

affected

10.0.17763.0 before 10.0.17763.5122

affected

10.0.20348.0 before 10.0.20348.2113

affected

10.0.0 before 10.0.22000.2600

affected

10.0.19043.0 before 10.0.19043.3693

affected

10.0.22621.0 before 10.0.22621.2715

affected

10.0.19045.0 before 10.0.19045.3693

affected

10.0.10240.0 before 10.0.10240.20308

affected

10.0.14393.0 before 10.0.14393.6452

affected

10.0.14393.0 before 10.0.14393.6452

affected

10.0.14393.0 before 10.0.14393.6452

affected

6.0.6003.0 before 6.0.6003.22367

affected

6.0.6003.0 before 6.0.6003.22367

affected

6.0.6003.0 before 6.0.6003.22367

affected

6.1.7601.0 before 6.1.7601.26816

affected

6.1.7601.0 before 6.1.7601.26816

affected

6.2.9200.0 before 6.2.9200.24569

affected

6.2.9200.0 before 6.2.9200.24569

affected

6.3.9600.0 before 6.3.9600.21668

affected

6.3.9600.0 before 6.3.9600.21668

affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424 (Windows Common Log File System Driver Elevation of Privilege Vulnerability) vendor-advisory

cve.org (CVE-2023-36424)

nvd.nist.gov (CVE-2023-36424)

Download JSON