CVE-2023-21558

Опубликовано: 10 янв. 2023

Источник: msrc

CVSS3: 7.8

EPSS Низкий

Описание

Windows Error Reporting Service Elevation of Privilege Vulnerability

FAQ

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges.

Обновления

Продукт	Статья	Обновление
Windows Server 2012	5022348 5022343	Monthly Rollup Security Only
Windows Server 2012 (Server Core installation)	5022348 5022343	Monthly Rollup Security Only
Windows 8.1 for 32-bit systems	5022352 5022346	Monthly Rollup Security Only
Windows 8.1 for x64-based systems	5022352 5022346	Monthly Rollup Security Only
Windows Server 2012 R2	5022352 5022346	Monthly Rollup Security Only
Windows RT 8.1	5022346	Security Only
Windows Server 2012 R2 (Server Core installation)	5022352 5022346	Monthly Rollup Security Only
Windows 10 for 32-bit Systems	5022297	Security Update
Windows 10 for x64-based Systems	5022297	Security Update
Windows Server 2016	5022289	Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 46%

0.00236

Низкий

7.8 High

CVSS3

Связанные уязвимости

CVE-2023-21558

CVSS3: 7.8

nvd

больше 2 лет назад

Windows Error Reporting Service Elevation of Privilege Vulnerability

GHSA-qqq2-cqxh-535j

CVSS3: 7.8

github

больше 2 лет назад

Windows Error Reporting Service Elevation of Privilege Vulnerability.

BDU:2023-00521

CVSS3: 7.8

fstec

больше 2 лет назад

Уязвимость службы регистрации ошибок Windows Error Reporting операционных систем Windows, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 46%

0.00236

Низкий

7.8 High

CVSS3