CVE-2023-36004
published 2023-12-12
CVE-2023-36004: Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability
high · 7.5 · CVSS 3.1
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected
42 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1507 | < 10.0.10240.20345 | 10.0.10240.20345 |
| microsoft | windows_10_1607 | < 10.0.14393.6529 | 10.0.14393.6529 |
| microsoft | windows_10_1809 | < 10.0.17763.5206 | 10.0.17763.5206 |
| microsoft | windows_10_21h2 | < 10.0.19041.3803 | 10.0.19041.3803 |
| microsoft | windows_10_22h2 | < 10.0.19045.3803 | 10.0.19045.3803 |
| microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.20345 | 10.0.10240.20345 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.6529 | 10.0.14393.6529 |
| microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.5206 | 10.0.17763.5206 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.5206 | 10.0.17763.5206 |
| microsoft | windows_10_version_21h2 | >= 10.0.19043.0 < 10.0.19041.3803 | 10.0.19041.3803 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.3803 | 10.0.19045.3803 |
| microsoft | windows_11_21h2 | < 10.0.22000.2652 | 10.0.22000.2652 |
| microsoft | windows_11_22h2 | < 10.0.22621.2861 | 10.0.22621.2861 |
| microsoft | windows_11_23h2 | < 10.0.22631.2861 | 10.0.22631.2861 |
| microsoft | windows_11_version_21h2 | >= 10.0.0 < 10.0.22000.2652 | 10.0.22000.2652 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.2861 | 10.0.22621.2861 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22621.2861 | 10.0.22621.2861 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.2861 | 10.0.22631.2861 |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.7601.0 < 6.1.7601.26864 | 6.1.7601.26864 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.6003.0 < 6.0.6003.22413 | 6.0.6003.22413 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.24614 | 6.2.9200.24614 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.21715 | 6.3.9600.21715 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.6529 | 10.0.14393.6529 |
Microsoft
Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability
vendor_msrc·2023-12-12·CVSS 7.5
CVE-2023-36004 [HIGH] CWE-287 Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability
FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
The attacker must inject themselves into the logical network path between the target and the resource requested by the victim to read or modify network communications. This is called a machine-in-the-middle (MITM) attack.
FAQ: According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?
An unauthorized attacker must wait for a user to initiate a connection.
FAQ: What is the attack vector for this vulnerability?
To exploit this vulnerability, an attacker would need to launch a machine-in-the-middl
GHSA
GHSA-8qjv-8x85-xvqv: Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability
ghsa_unreviewed·2023-12-12
CVE-2023-36004 [HIGH] GHSA-8qjv-8x85-xvqv: Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability
No detection rules found.
No public exploits indexed.
Trendmicro
The December 2023 Security Update Review
blogs_trendmicro·2023-12-12
# The December 2023 Security Update Review
Get the December 2023 security update and review.
By: Zero Day Initiative
2023/12/12
It’s the final patch Tuesday of 2023, and Apple, Adobe, and Microsoft have released their latest security offerings. Take a break from your holiday hustle and join us as we review the details of their latest advisories. If you’d rather watch the video recap, you can check it out here:
Apple Patches for December 2023
Apple kicked off the December release cycle with patches for iOS and iPadOS with eight CVEs. Two of these CVEs in Webkit are reported as being under active attack on iOS versions 16.7.1 and older. If you’re using an older iPhone or iPad, you should definitely update your device immediately. If you’re using a dev
Bleepingcomputer
Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day
blogs_bleepingcomputer·2023-12-12·CVSS 5.5
[MEDIUM] Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day
## Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day
## Lawrence Abrams
10 Elevation of Privilege Vulnerabilities
8 Remote Code Execution Vulnerabilities
6 Information Disclosure Vulnerabilities
5 Denial of Service Vulnerabilities
5 Spoofing Vulnerabilities
The total count of 34 flaws does not include 8 Microsoft Edge flaws fixed on December 7th.
To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5033375 cumulative update and Windows 10 KB5033372 cumulative update.
## One publicly disclosed zero-day fixed
This month's Patch Tuesday fixes one AMD zero-day vulnerability disclosed in August that previously remained unpatched.
The ' CVE-2023-20588 - AMD: CVE-2023-20588 AMD Speculative Leaks ' vul
Published: 2023-12-12