CVE-2023-29360
CVSS v3.1
8.4 (High)
EPSS
0.51 % (77th)
Affected Products
9
Advisories
2
NVD Status
Analyzed
Microsoft Streaming Service Elevation of Privilege Vulnerability
Weaknesses
- CWE-822
- Untrusted Pointer Dereference
- CWE-NVD-noinfo
- CVE Status
- PUBLISHED
- NVD Status
- Analyzed
- CNA
- Microsoft Corporation
- Published Date
-
2023-06-14 00:15:10
(15 months ago) - Updated Date
-
2024-06-10 15:29:38
(3 months ago)
Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
- Description
- Microsoft Streaming Service contains an untrusted pointer dereference vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.
- Required Action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Known to be Used in Ransomware Campaigns
- Unknown
- Notes
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29360 ;https://nvd.nist.gov/vuln/detail/CVE-2023-29360
- Vendor
- Microsoft
- Product
- Streaming Service
- In CISA Catalog from
-
2024-02-29
(6 months ago) - Due Date
-
2024-03-21
(6 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...