⚠ Actively exploited

Added to CISA KEV on 2023-10-04. Federal agencies required to patch by 2023-10-25. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable..

CVE-2023-28229

CWE-591 CWE-6626 documents6 sources

Severity

7.0HIGH

EPSS

10.2%

top 6.86%

CISA KEV

KEV

Added 2023-10-04

Due 2023-10-25

Exploit

Exploited in wild

Active exploitation observed

Affected products

Microsoft Windows 10 Version 1507 Microsoft Windows 10 Version 1607 Microsoft Windows 10 Version 1809 +27 more

Timeline

PublishedApr 11

KEV addedOct 4

KEV dueOct 25

CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages30 packages

▶CVEListV5microsoft/windows_server_2008_service_pack_26.0.6003.0 — 6.0.6003.22015

▶CVEListV5microsoft/windows_server_2008_r2_service_pack_16.1.7601.0 — 6.1.7601.26466

▶CVEListV5microsoft/windows_server_2008_service_pack_2_(server_core_installation)6.0.6003.0 — 6.0.6003.22015

▶CVEListV5microsoft/windows_server_2008_r2_service_pack_1_(server_core_installation)6.1.7601.0 — 6.1.7601.26466

▶NVDmicrosoft/windows_10_1507< 10.0.10240.19869

Patches

Patch: msrc.microsoft.com ↗Patch: msrc.microsoft.com ↗

🔴Vulnerability Details

CVEList

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability↗2023-04-11

▶

GHSA

GHSA-62cg-xhwr-xf37: Windows CNG Key Isolation Service Elevation of Privilege Vulnerability↗2023-04-11

▶

VulnCheck

Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability↗2023

▶

📋Vendor Advisories

CISA

Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability↗2023-10-04

▶

Microsoft

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability↗2023-04-11

▶