CVE-2023-23393

CVSS v3.1 7 (High)

EPSS 0.04 % (10^th)

Affected Products 8

Advisories 1

NVD Status Modified

Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability

Weaknesses

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-591: Sensitive Data Storage in Improperly Locked Memory

CVE Status: PUBLISHED
NVD Status: Modified
CNA: Microsoft Corporation
Published Date: 2023-03-14 17:15:12
(18 months ago)
Updated Date: 2024-05-29 04:15:14
(3 months ago)

Affected Products

Microsoft

Configuration #1

		CPE23	From	Up To
	Microsoft Windows 10 1809 prior 10.0.17763.4131 version	cpe:2.3:o:microsoft:windows_10_1809		< 10.0.17763.4131
	Microsoft Windows 10 20h2 prior 10.0.19042.2728 version	cpe:2.3:o:microsoft:windows_10_20h2		< 10.0.19042.2728
	Microsoft Windows 10 21h2 prior 10.0.19044.2728 version	cpe:2.3:o:microsoft:windows_10_21h2		< 10.0.19044.2728
	Microsoft Windows 10 22h2 prior 10.0.19045.2728 version	cpe:2.3:o:microsoft:windows_10_22h2		< 10.0.19045.2728
	Microsoft Windows 11 21h2 prior 10.0.22000.1696 version	cpe:2.3:o:microsoft:windows_11_21h2		< 10.0.22000.1696
	Microsoft Windows 11 22h2 prior 10.0.22000.1413 version	cpe:2.3:o:microsoft:windows_11_22h2		< 10.0.22000.1413
	Microsoft Windows Server 2019	cpe:2.3:o:microsoft:windows_server_2019:-
	Microsoft Windows Server 2022	cpe:2.3:o:microsoft:windows_server_2022:-