PT-2023-6161 · Microsoft · Windows Graphics+1

Marcin Wiazowski

Publicado

2023-10-10

Atualizado

2024-05-29

CVE-2023-36594

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Windows Graphics Component (affected versions not specified)

Description The issue is related to an elevation-of-privilege vulnerability in the Windows Graphics Component, which is caused by insufficient access restrictions. This vulnerability can be exploited by an attacker to elevate their privileges. The vulnerability is also described as a type confusion local privilege escalation vulnerability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Type Confusion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-843CWE-264

Identificadores relacionados

BDU:2023-06868

CVE-2023-36594

ZDI-23-1542

ZDI-23-1543

ZDI-23-1544

ZDI-23-1545

ZDI-23-1546

ZDI-23-1547

ZDI-23-1548

ZDI-23-1549

ZDI-23-1550

ZDI-23-1551

ZDI-23-1552

Produtos afetados

Windows

Windows Graphics

PT-2023-6161 · Microsoft · Windows Graphics+1

CVE-2023-36594

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 19