Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-36422 (GCVE-0-2023-36422)
Vulnerability from cvelistv5 – Published: 2023-11-14 17:57 – Updated: 2025-10-09 00:00
VLAI
EPSS
Title
Microsoft Windows Defender Elevation of Privilege Vulnerability
Summary
Microsoft Windows Defender Elevation of Privilege Vulnerability
Severity
CWE
- CWE-426 - Untrusted Search Path
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows Defender Antimalware Platform |
Affected:
4.0.0.0 , < 4.18.23100.2009
(custom)
|
Date Public
2023-11-14 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:45:56.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Windows Defender Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36422",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-23T16:57:54.365509Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T16:11:30.688Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Windows Defender Antimalware Platform",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "4.18.23100.2009",
"status": "affected",
"version": "4.0.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:windows_defender:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.18.23100.2009",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-11-14T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Windows Defender Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426: Untrusted Search Path",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T00:00:08.439Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Windows Defender Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422"
}
],
"title": "Microsoft Windows Defender Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-36422",
"datePublished": "2023-11-14T17:57:10.156Z",
"dateReserved": "2023-06-21T15:14:27.785Z",
"dateUpdated": "2025-10-09T00:00:08.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-36422",
"date": "2026-05-30",
"epss": "0.00718",
"percentile": "0.72753"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:windows_defender:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.18.23100.2009\", \"matchCriteriaId\": \"83EEA2D2-DFF5-4FB0-8C62-AA54791249EA\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Microsoft Windows Defender Elevation of Privilege Vulnerability\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de elevaci\\u00f3n de privilegios de Microsoft Windows Defender.\"}]",
"id": "CVE-2023-36422",
"lastModified": "2024-11-21T08:09:43.247",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"secure@microsoft.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
"published": "2023-11-14T18:15:45.117",
"references": "[{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secure@microsoft.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-426\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-36422\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2023-11-14T18:15:45.117\",\"lastModified\":\"2024-11-21T08:09:43.247\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft Windows Defender Elevation of Privilege Vulnerability\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de elevaci\u00f3n de privilegios de Microsoft Windows Defender.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-426\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:windows_defender:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.18.23100.2009\",\"matchCriteriaId\":\"83EEA2D2-DFF5-4FB0-8C62-AA54791249EA\"}]}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422\", \"name\": \"Microsoft Windows Defender Elevation of Privilege Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T16:45:56.962Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-36422\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-02-23T16:57:54.365509Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-08T16:11:26.027Z\"}}], \"cna\": {\"title\": \"Microsoft Windows Defender Elevation of Privilege Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Windows Defender Antimalware Platform\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.0.0.0\", \"lessThan\": \"4.18.23100.2009\", \"versionType\": \"custom\"}], \"platforms\": [\"Unknown\"]}], \"datePublic\": \"2023-11-14T08:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422\", \"name\": \"Microsoft Windows Defender Elevation of Privilege Vulnerability\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Microsoft Windows Defender Elevation of Privilege Vulnerability\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-426\", \"description\": \"CWE-426: Untrusted Search Path\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:microsoft:windows_defender:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.18.23100.2009\", \"versionStartIncluding\": \"4.0.0.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2025-10-09T00:00:08.439Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-36422\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-09T00:00:08.439Z\", \"dateReserved\": \"2023-06-21T15:14:27.785Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2023-11-14T17:57:10.156Z\", \"assignerShortName\": \"microsoft\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2023-AVI-0944
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données, une élévation de privilèges, un contournement de la fonctionnalité de sécurité, une exécution de code à distance et une usurpation d'identité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Windows | Windows Server 2022 | ||
| Microsoft | Windows | Windows Server 2012 | ||
| Microsoft | Windows | Windows 10 pour systèmes x64 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2019 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2019 | ||
| Microsoft | Windows | Windows Server 2012 R2 | ||
| Microsoft | Windows | Windows Server 2022 (Server Core installation) | ||
| Microsoft | Windows | Windows Defender Antimalware Platform | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 11 version 21H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2016 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows 11 version 21H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2012 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2022, 23H2 Edition (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2016 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2012 R2 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes x64 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows Server 2022",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Defender Antimalware Platform",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-36428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36428"
},
{
"name": "CVE-2023-36400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36400"
},
{
"name": "CVE-2023-36395",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36395"
},
{
"name": "CVE-2023-36017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36017"
},
{
"name": "CVE-2023-36047",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36047"
},
{
"name": "CVE-2023-36423",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36423"
},
{
"name": "CVE-2023-36398",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36398"
},
{
"name": "CVE-2023-36394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36394"
},
{
"name": "CVE-2023-36401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36401"
},
{
"name": "CVE-2023-36028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36028"
},
{
"name": "CVE-2023-36406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36406"
},
{
"name": "CVE-2023-36036",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36036"
},
{
"name": "CVE-2023-36397",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36397"
},
{
"name": "CVE-2023-36405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36405"
},
{
"name": "CVE-2023-36407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36407"
},
{
"name": "CVE-2023-36403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36403"
},
{
"name": "CVE-2023-36427",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36427"
},
{
"name": "CVE-2023-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36408"
},
{
"name": "CVE-2023-36396",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36396"
},
{
"name": "CVE-2023-36424",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36424"
},
{
"name": "CVE-2023-36025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36025"
},
{
"name": "CVE-2023-36425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36425"
},
{
"name": "CVE-2023-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36033"
},
{
"name": "CVE-2023-36046",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36046"
},
{
"name": "CVE-2023-36392",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36392"
},
{
"name": "CVE-2023-24023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24023"
},
{
"name": "CVE-2023-36399",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36399"
},
{
"name": "CVE-2023-36404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36404"
},
{
"name": "CVE-2023-36422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36422"
},
{
"name": "CVE-2023-36393",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36393"
},
{
"name": "CVE-2023-36719",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36719"
},
{
"name": "CVE-2023-36402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36402"
},
{
"name": "CVE-2023-36705",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36705"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36407 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36407"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36396 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36396"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36401 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36401"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36402 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36402"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36394 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36394"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36405 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36405"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36025 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36025"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36428 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36428"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36047 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36047"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36036 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36036"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24023 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24023"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36393 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36393"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36399 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36399"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36017 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36017"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36425 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36425"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36424 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36392 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36392"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36397 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36397"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36400 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36400"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36403 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36403"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36705 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36705"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36395 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36395"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36046 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36046"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36033 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36033"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36404 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36404"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36406 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36406"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36719 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36719"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36028 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36028"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36423 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36423"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36427 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36427"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36408 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36408"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36422 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36398 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36398"
}
],
"reference": "CERTFR-2023-AVI-0944",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-11-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Usurpation d\u0027identit\u00e9"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer un d\u00e9ni de service, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es, une \u00e9l\u00e9vation de privil\u00e8ges, un contournement de la\nfonctionnalit\u00e9 de s\u00e9curit\u00e9, une ex\u00e9cution de code \u00e0 distance et une\nusurpation d\u0027identit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/"
}
]
}
CERTFR-2023-AVI-0944
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données, une élévation de privilèges, un contournement de la fonctionnalité de sécurité, une exécution de code à distance et une usurpation d'identité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Windows | Windows Server 2022 | ||
| Microsoft | Windows | Windows Server 2012 | ||
| Microsoft | Windows | Windows 10 pour systèmes x64 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2019 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2019 | ||
| Microsoft | Windows | Windows Server 2012 R2 | ||
| Microsoft | Windows | Windows Server 2022 (Server Core installation) | ||
| Microsoft | Windows | Windows Defender Antimalware Platform | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 11 version 21H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2016 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows 11 version 21H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2012 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2022, 23H2 Edition (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2016 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2012 R2 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes x64 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows Server 2022",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Defender Antimalware Platform",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-36428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36428"
},
{
"name": "CVE-2023-36400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36400"
},
{
"name": "CVE-2023-36395",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36395"
},
{
"name": "CVE-2023-36017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36017"
},
{
"name": "CVE-2023-36047",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36047"
},
{
"name": "CVE-2023-36423",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36423"
},
{
"name": "CVE-2023-36398",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36398"
},
{
"name": "CVE-2023-36394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36394"
},
{
"name": "CVE-2023-36401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36401"
},
{
"name": "CVE-2023-36028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36028"
},
{
"name": "CVE-2023-36406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36406"
},
{
"name": "CVE-2023-36036",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36036"
},
{
"name": "CVE-2023-36397",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36397"
},
{
"name": "CVE-2023-36405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36405"
},
{
"name": "CVE-2023-36407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36407"
},
{
"name": "CVE-2023-36403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36403"
},
{
"name": "CVE-2023-36427",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36427"
},
{
"name": "CVE-2023-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36408"
},
{
"name": "CVE-2023-36396",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36396"
},
{
"name": "CVE-2023-36424",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36424"
},
{
"name": "CVE-2023-36025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36025"
},
{
"name": "CVE-2023-36425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36425"
},
{
"name": "CVE-2023-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36033"
},
{
"name": "CVE-2023-36046",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36046"
},
{
"name": "CVE-2023-36392",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36392"
},
{
"name": "CVE-2023-24023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24023"
},
{
"name": "CVE-2023-36399",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36399"
},
{
"name": "CVE-2023-36404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36404"
},
{
"name": "CVE-2023-36422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36422"
},
{
"name": "CVE-2023-36393",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36393"
},
{
"name": "CVE-2023-36719",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36719"
},
{
"name": "CVE-2023-36402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36402"
},
{
"name": "CVE-2023-36705",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36705"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36407 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36407"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36396 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36396"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36401 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36401"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36402 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36402"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36394 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36394"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36405 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36405"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36025 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36025"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36428 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36428"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36047 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36047"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36036 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36036"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24023 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24023"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36393 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36393"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36399 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36399"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36017 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36017"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36425 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36425"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36424 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36392 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36392"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36397 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36397"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36400 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36400"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36403 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36403"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36705 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36705"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36395 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36395"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36046 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36046"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36033 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36033"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36404 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36404"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36406 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36406"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36719 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36719"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36028 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36028"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36423 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36423"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36427 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36427"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36408 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36408"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36422 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36398 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36398"
}
],
"reference": "CERTFR-2023-AVI-0944",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-11-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Usurpation d\u0027identit\u00e9"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer un d\u00e9ni de service, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es, une \u00e9l\u00e9vation de privil\u00e8ges, un contournement de la\nfonctionnalit\u00e9 de s\u00e9curit\u00e9, une ex\u00e9cution de code \u00e0 distance et une\nusurpation d\u0027identit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/"
}
]
}
Title
Уязвимость Защитника Microsoft (Windows Defender) операционных систем Windows, позволяющая нарушителю повысить свои привилегии
Description
Уязвимость Защитника Microsoft (Windows Defender) операционных систем Windows связана с недостатками разграничения доступа. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии
Severity
Vendor
Microsoft Corp
Software Name
Windows Defender
Software Version
до 4.18.23100.2009 (Windows Defender)
Possible Mitigations
Использование рекомендаций производителя:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422
Reference
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422
https://www.cybersecurity-help.cz/vdb/SB2023111434
CWE
CWE-264
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Microsoft Corp",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 4.18.23100.2009 (Windows Defender)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.11.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "11.01.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "11.01.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-00145",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-36422",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Windows Defender",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0417\u0430\u0449\u0438\u0442\u043d\u0438\u043a\u0430 Microsoft (Windows Defender) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f, \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c (CWE-264)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0417\u0430\u0449\u0438\u0442\u043d\u0438\u043a\u0430 Microsoft (Windows Defender) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422\nhttps://www.cybersecurity-help.cz/vdb/SB2023111434",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u0421\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b, \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-264",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}
FKIE_CVE-2023-36422
Vulnerability from fkie_nvd - Published: 2023-11-14 18:15 - Updated: 2024-11-21 08:09
Severity
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Microsoft Windows Defender Elevation of Privilege Vulnerability
References
| URL | Tags | ||
|---|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows_defender | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:windows_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83EEA2D2-DFF5-4FB0-8C62-AA54791249EA",
"versionEndExcluding": "4.18.23100.2009",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Windows Defender Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios de Microsoft Windows Defender."
}
],
"id": "CVE-2023-36422",
"lastModified": "2024-11-21T08:09:43.247",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-14T18:15:45.117",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-M2VM-JCGV-Q6X4
Vulnerability from github – Published: 2023-11-14 18:30 – Updated: 2023-11-14 18:30
VLAI
Details
Microsoft Windows Defender Elevation of Privilege Vulnerability
Severity
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2023-36422"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-14T18:15:45Z",
"severity": "HIGH"
},
"details": "Microsoft Windows Defender Elevation of Privilege Vulnerability",
"id": "GHSA-m2vm-jcgv-q6x4",
"modified": "2023-11-14T18:30:29Z",
"published": "2023-11-14T18:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36422"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2023-36422
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Microsoft Windows Defender Elevation of Privilege Vulnerability
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-36422",
"id": "GSD-2023-36422"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-36422"
],
"details": "Microsoft Windows Defender Elevation of Privilege Vulnerability",
"id": "GSD-2023-36422",
"modified": "2023-12-13T01:20:34.505117Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2023-36422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows Defender Antimalware Platform",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.0.0.0",
"version_value": "4.18.23100.2009"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Windows Defender Elevation of Privilege Vulnerability"
}
]
},
"impact": {
"cvss": [
{
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422",
"refsource": "MISC",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:windows_defender:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.18.23100.2009",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2023-36422"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Microsoft Windows Defender Elevation of Privilege Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "Microsoft Windows Defender Elevation of Privilege Vulnerability",
"refsource": "",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-11-20T20:17Z",
"publishedDate": "2023-11-14T18:15Z"
}
}
}
MSRC_CVE-2023-36422
Vulnerability from csaf_microsoft - Published: 2023-11-14 08:00 - Updated: 2023-11-14 08:00Summary
Microsoft Windows Defender Elevation of Privilege Vulnerability
Severity
Important
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Customer Action: Required. The vulnerability documented by this CVE requires customer action to resolve.
CWE-426
- Untrusted Search Path
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Windows Defender Antimalware Platform 4.18.23100.2009
Windows Defender Antimalware Platform
|
4.18.23100.2009 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Windows Defender Antimalware Platform <4.18.23100.2009
Windows Defender Antimalware Platform
|
<4.18.23100.2009 |
Vendor Fix
fix
|
Threats
Impact
Elevation of Privilege
Exploit Status
Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely
References
7 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | self |
| https://msrc.microsoft.com/csaf/advisories/2023/m… | self |
| https://www.microsoft.com/en-us/msrc/exploitabili… | external |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/update-guide/vulnerabi… | self |
| https://msrc.microsoft.com/csaf/advisories/2023/m… | self |
Acknowledgments
<a href="https://www.linkedin.com/in/sascha-meyer-7656201a8/">Sascha Meyer</a> with <a href="https://gai-netconsult.de/index.php">GAI NetConsult GmbH</a>
{
"document": {
"acknowledgments": [
{
"names": [
"\u003ca href=\"https://www.linkedin.com/in/sascha-meyer-7656201a8/\"\u003eSascha Meyer\u003c/a\u003e with \u003ca href=\"https://gai-netconsult.de/index.php\"\u003eGAI NetConsult GmbH\u003c/a\u003e"
]
}
],
"aggregate_severity": {
"namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
},
{
"category": "general",
"text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
"title": "Customer Action"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2023-36422 Microsoft Windows Defender Elevation of Privilege Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422"
},
{
"category": "self",
"summary": "CVE-2023-36422 Microsoft Windows Defender Elevation of Privilege Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2023/msrc_cve-2023-36422.json"
},
{
"category": "external",
"summary": "Microsoft Exploitability Index",
"url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Microsoft Windows Defender Elevation of Privilege Vulnerability",
"tracking": {
"current_release_date": "2023-11-14T08:00:00.000Z",
"generator": {
"date": "2025-04-29T23:34:11.336Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2023-36422",
"initial_release_date": "2023-11-14T08:00:00.000Z",
"revision_history": [
{
"date": "2023-11-14T08:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.18.23100.2009",
"product": {
"name": "Windows Defender Antimalware Platform \u003c4.18.23100.2009",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "4.18.23100.2009",
"product": {
"name": "Windows Defender Antimalware Platform 4.18.23100.2009",
"product_id": "11744"
}
}
],
"category": "product_name",
"name": "Windows Defender Antimalware Platform"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-36422",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"notes": [
{
"category": "general",
"text": "Microsoft",
"title": "Assigning CNA"
},
{
"category": "faq",
"text": "An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.",
"title": "What privileges could be gained by an attacker who successfully exploited this vulnerability?"
},
{
"category": "faq",
"text": "Last version of the Windows Defender Antimalware Platform affected by this vulnerability: Last version of the Windows Defender Antimalware Platform affected by this vulnerability, Version 4.18.23070.1004: Version 4.18.23070.1004, First version of the Windows Defender Antimalware Platform with this vulnerability addressed: First version of the Windows Defender Antimalware Platform with this vulnerability addressed, Version 4.18.23100.2009: Version 4.18.23100.2009\nSee Manage Updates Baselines Microsoft Defender Antivirus for more information.\nVulnerability scanners are looking for specific binaries and version numbers on devices. Microsoft Defender files are still on disk even when disabled. Systems that have disabled Microsoft Defender are not in an exploitable state.\nIn response to a constantly changing threat landscape, Microsoft frequently updates malware definitions and the Windows Defender Antimalware Platform. In order to be effective in helping protect against new and prevalent threats, antimalware software must be kept up to date with these updates in a timely manner.\nFor enterprise deployments as well as end users, the default configuration in Microsoft antimalware software helps ensure that malware definitions and the Windows Defender Antimalware Platform are kept up to date automatically. Product documentation also recommends that products are configured for automatic updating.\nBest practices recommend that customers regularly verify whether software distribution, such as the automatic deployment of Windows Defender Antimalware Platform updates and malware definitions, is working as expected in their environment.\nMicrosoft typically releases an update for the Windows Defender Antimalware Platform once a month or as needed to protect against new threats. Microsoft also typically updates the malware definitions three times daily and can increase the frequency when needed.\nDepending on which Microsoft antimalware software is used and how it is configured, the software may search for platform, engine and definition updates every day when connected to the Internet, up to multiple times daily. Customers can also choose to manually check for updates at any time.\nThe Windows Defender Antimalware Platform is a collection of user-mode binaries (e.g. MsMpEng.exe) and kernel-mode drivers that run on top of Windows to keep devices protected against new and prevalent threats.\nDefender runs on all supported versions of Windows.\nYes, Microsoft System Center Endpoint Protection, Microsoft System Center 2012 R2 Endpoint Protection, Microsoft System Center 2012 Endpoint Protection and Microsoft Security Essentials.\nYes.\u00a0 In addition to the changes that are listed for this vulnerability, this update includes defense-in-depth updates to help improve security-related features.\nCustomers should verify that the latest version of the Microsoft Malware Protection Platform and definition updates are being actively downloaded and installed for their Microsoft antimalware products.\nOpen the Windows Security program. For example, type Security in the Search bar, and select the Windows Security program.\nIn the navigation pane, select Virus \u0026amp; threat protection.\nUnder Virus \u0026amp; threat protection updates in the main window, select Check for updates.\nSelect Check for updates again.\nIn the navigation pane, select Settings, and then select About.\nExamine the Platform Version number. The update was successfully installed if the Malware Protection Platform version number or the signature package version number matches or exceeds the version number that you are trying to verify as installed.",
"title": "Microsoft Defender is disabled in my environment, why are vulnerability scanners showing that I am vulnerable to this issue?"
}
],
"product_status": {
"fixed": [
"11744"
],
"known_affected": [
"1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-36422 Microsoft Windows Defender Elevation of Privilege Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422"
},
{
"category": "self",
"summary": "CVE-2023-36422 Microsoft Windows Defender Elevation of Privilege Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2023/msrc_cve-2023-36422.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "4.18.23100.2009:Security Update:https://www.microsoft.com/en-us/wdsi/defenderupdates",
"product_ids": [
"1"
],
"url": "https://www.microsoft.com/en-us/wdsi/defenderupdates"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Elevation of Privilege"
},
{
"category": "exploit_status",
"details": "Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely"
}
],
"title": "Microsoft Windows Defender Elevation of Privilege Vulnerability"
}
]
}
WID-SEC-W-2023-2891
Vulnerability from csaf_certbund - Published: 2023-11-14 23:00 - Updated: 2023-11-14 23:00Summary
Microsoft Windows Defender: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Windows Defender ist in Windows integriert, um Ihren PC in Echtzeit vor Viren, Spyware und anderer Schadsoftware zu schützen.
Der Microsoft System Center Operations Manager stellt über eine einzige Benutzeroberfläche einen tiefen Einblick in die Integrität, Leistung und Verfügbarkeit Ihrer Rechenzentrumsumgebungen bereit - und das über unterschiedlichste Anwendungen, Betriebssysteme, Hypervisoren und Hardware hinweg.
Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in Microsoft Windows Defender, Microsoft System Center 2016 Operations Manager, Microsoft System Center 2019 Operations Manager und Microsoft System Center 2022 Operations Manager ausnutzen, um Informationen offenzulegen oder seine Privilegien zu erweitern.
Betroffene Betriebssysteme: - Windows
In Microsoft Windows Defender existiert eine Schwachstelle. Microsoft veröffentlicht keine weiteren Details zu dieser Schwachstelle. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Defender Antimalware Platform
Microsoft
|
cpe:/a:microsoft:windows_defender:credential_guard
|
— |
In Microsoft System Center 2016 Operations Manager, Microsoft System Center 2019 Operations Manager und Microsoft System Center 2022 Operations Manager existieren mehrere Schwachstellen. Microsoft veröffentlicht hierzu keine Details. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft System Center 2019 Operations Manager
Microsoft
|
cpe:/a:microsoft:system_center_2019_operations_manager:-
|
— | |
|
Microsoft System Center 2016 Operations Manager
Microsoft
|
cpe:/a:microsoft:system_center_2016_operations_manager:-
|
— | |
|
Microsoft System Center 2022 Operations Manager
Microsoft
|
cpe:/a:microsoft:system_center_operations_manager:-
|
— |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Windows Defender ist in Windows integriert, um Ihren PC in Echtzeit vor Viren, Spyware und anderer Schadsoftware zu sch\u00fctzen. \r\nDer Microsoft System Center Operations Manager stellt \u00fcber eine einzige Benutzeroberfl\u00e4che einen tiefen Einblick in die Integrit\u00e4t, Leistung und Verf\u00fcgbarkeit Ihrer Rechenzentrumsumgebungen bereit - und das \u00fcber unterschiedlichste Anwendungen, Betriebssysteme, Hypervisoren und Hardware hinweg.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Microsoft Windows Defender, Microsoft System Center 2016 Operations Manager, Microsoft System Center 2019 Operations Manager und Microsoft System Center 2022 Operations Manager ausnutzen, um Informationen offenzulegen oder seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2891 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2891.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2891 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2891"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates vom 2023-11-14",
"url": "https://msrc.microsoft.com/update-guide"
}
],
"source_lang": "en-US",
"title": "Microsoft Windows Defender: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-11-14T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:01:29.427+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2891",
"initial_release_date": "2023-11-14T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-11-14T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Microsoft System Center 2016 Operations Manager",
"product": {
"name": "Microsoft System Center 2016 Operations Manager",
"product_id": "T031101",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:system_center_2016_operations_manager:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft System Center 2019 Operations Manager",
"product": {
"name": "Microsoft System Center 2019 Operations Manager",
"product_id": "T031102",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:system_center_2019_operations_manager:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft System Center 2022 Operations Manager",
"product": {
"name": "Microsoft System Center 2022 Operations Manager",
"product_id": "T031103",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:system_center_operations_manager:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Defender Antimalware Platform",
"product": {
"name": "Microsoft Windows Defender Antimalware Platform",
"product_id": "T024301",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:windows_defender:credential_guard"
}
}
}
],
"category": "vendor",
"name": "Microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-36422",
"notes": [
{
"category": "description",
"text": "In Microsoft Windows Defender existiert eine Schwachstelle. Microsoft ver\u00f6ffentlicht keine weiteren Details zu dieser Schwachstelle. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T024301"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36422"
},
{
"cve": "CVE-2023-36043",
"notes": [
{
"category": "description",
"text": "In Microsoft System Center 2016 Operations Manager, Microsoft System Center 2019 Operations Manager und Microsoft System Center 2022 Operations Manager existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht hierzu keine Details. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T031102",
"T031101",
"T031103"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36043"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…