CVE-2023-35312
published 2023-07-11CVE-2023-35312: Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability
PriorityP339high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.51%
39.1th percentile
Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1507 | < 10.0.10240.20048 | 10.0.10240.20048 |
| microsoft | windows_10_1607 | < 10.0.14393.6085 | 10.0.14393.6085 |
| microsoft | windows_10_1809 | < 10.0.17763.4645 | 10.0.17763.4645 |
| microsoft | windows_10_21h2 | < 10.0.19041.3208 | 10.0.19041.3208 |
| microsoft | windows_10_22h2 | < 10.0.19045.3208 | 10.0.19045.3208 |
| microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.20048 | 10.0.10240.20048 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.6085 | 10.0.14393.6085 |
| microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.4645 | 10.0.17763.4645 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.4645 | 10.0.17763.4645 |
| microsoft | windows_10_version_21h2 | >= 10.0.19043.0 < 10.0.19044.3208 | 10.0.19044.3208 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.3208 | 10.0.19045.3208 |
| microsoft | windows_11_21h2 | < 10.0.22000.2176 | 10.0.22000.2176 |
| microsoft | windows_11_22h2 | < 10.0.22621.1992 | 10.0.22621.1992 |
| microsoft | windows_11_version_21h2 | >= 10.0.0 < 10.0.22000.2176 | 10.0.22000.2176 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.1992 | 10.0.22621.1992 |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.7601.0 < 6.1.7601.26623 | 6.1.7601.26623 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.24374 | 6.2.9200.24374 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.21063 | 6.3.9600.21063 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.6085 | 10.0.14393.6085 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.4645 | 10.0.17763.4645 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.1850 | 10.0.20348.1850 |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1607 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-w28h-vj63-44qh: Microsoft VOLSNAP
ghsa_unreviewed·2023-07-11
CVE-2023-35312 [HIGH] GHSA-w28h-vj63-44qh: Microsoft VOLSNAP
Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability
Microsoft
Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability
vendor_msrc·2023-07-11·CVSS 7.8
CVE-2023-35312 [HIGH] CWE-190 Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability
Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability
FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker who successfully exploited this vulnerability could gain administrator privileges.
Windows VOLSNAP.SYS: Windows VOLSNAP.SYS
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;DOS:N/A
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5028168
Reference: https://support.microsoft.com/help/5028168
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5028171
Reference: https://support.microsoft.com/help/5028171
Reference: https://catalog.update.micr
No detection rules found.
No public exploits indexed.
Talos
Microsoft discloses more than 130 vulnerabilities as part of July’s Patch Tuesday, four exploited in the wild
blogs_talos·2023-07-11·CVSS 7.8
[HIGH] Microsoft discloses more than 130 vulnerabilities as part of July’s Patch Tuesday, four exploited in the wild
Microsoft released its monthly security update Tuesday, disclosing the most vulnerabilities as part of Patch Tuesday in more than a year.
The company released details of more than 130 vulnerabilities, the most in a month since April 2022, 10 of which are considered to be critical. The remaining vulnerabilities are “important.”
Microsoft also included an advisory in today’s Patch Tuesday that provides guidance to mitigate Microsoft-signed drivers that attackers are using maliciously in the wild. Talos recently discovered an attack that focuses on drivers certified by Microsoft’s Windows Hardware Developer Program (MWHDP) being used maliciously in post-exploitation activity. Microsoft had been previously notified of this type of activity in February 2023, and Talos researchers recently rep
Qualys
Microsoft and Adobe Patch Tuesday, July 2023 Security Update Review
blogs_qualys·2023-07-11·CVSS 7.8
[HIGH] Microsoft and Adobe Patch Tuesday, July 2023 Security Update Review
## Table of Contents
Microsoft Patch Tuesday for July 2023
Adobe Patches for July 2023
Zero-day Vulnerabilities Patched in July Patch Tuesday Edition
Other Critical Severity Vulnerabilities Patched in July Patch Tuesday Edition
Other Microsoft Vulnerability Highlights
Microsoft Release Summary
Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR)
Rapid Response with Patch Management (PM)
EVALUATE Vendor-Suggested Mitigation with Policy Compliance (PC)
EXECUTE Mitigation Using Qualys Custom Assessment and Remediation (CAR)
Qualys Monthly Webinar Series
Microsoft has released July’s edition of Patch Tuesday! This installment of security updates addressed 132 security vulnerabilities in various products, features, and roles.
## Microsoft
Qualys
Microsoft and Adobe Patch Tuesday, July 2023 Security Update Review | Qualys
blogs_qualys·2023-07-11·CVSS 7.8
[HIGH] Microsoft and Adobe Patch Tuesday, July 2023 Security Update Review | Qualys
#### Table of Contents
- Microsoft Patch Tuesday for July 2023
- Adobe Patches for July 2023
- Zero-day Vulnerabilities Patched in July Patch Tuesday Edition
- Other Critical Severity Vulnerabilities Patched in July Patch Tuesday Edition
- Other Microsoft Vulnerability Highlights
- Microsoft Release Summary
- Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR)
- Rapid Response with Patch Management (PM)
- EVALUATE Vendor-Suggested Mitigation with Policy Compliance (PC)
- EXECUTE Mitigation Using Qualys Custom Assessment and Remediation (CAR)
- Qualys Monthly Webinar Series
Microsoft has released July’s edition of Patch Tuesday! This installment of security updates addressed 132 security vulnerabilities in various products, features, and roles.
Talos
Microsoft discloses more than 130 vulnerabilities as part of July’s Patch Tuesday, four exploited in the wild
blogs_talos·2023-07-11·CVSS 7.8
[HIGH] Microsoft discloses more than 130 vulnerabilities as part of July’s Patch Tuesday, four exploited in the wild
## Microsoft discloses more than 130 vulnerabilities as part of July’s Patch Tuesday, four exploited in the wild
Microsoft released its monthly security update Tuesday, disclosing the most vulnerabilities as part of Patch Tuesday in more than a year.
The company released details of more than 130 vulnerabilities, the most in a month since April 2022, 10 of which are considered to be critical. The remaining vulnerabilities are “important.”
Microsoft also included an advisory in today’s Patch Tuesday that provides guidance to mitigate Microsoft-signed drivers that attackers are using maliciously in the wild. Talos recently discovered an attack that focuses on drivers certified by Microsoft’s Windows Hardware Developer Program (MWHDP) being used maliciously in post-exploitation activity. Mi
2023-07-11
Published