⚠ Actively exploited

Added to CISA KEV on 2023-11-14. Federal agencies required to patch by 2023-12-05. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable..

CVE-2023-36033 — Untrusted Pointer Dereference in Microsoft Windows 10 Version 1809

CWE-822 — Untrusted Pointer Dereference CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer32 documents17 sources

Severity

7.8HIGHNVD

EPSS

0.9%

top 24.17%

CISA KEV

KEV

Added 2023-11-14

Due 2023-12-05

Exploit

Exploited in wild

Active exploitation observed

Affected products

Microsoft Windows 10 Version 1809 Microsoft Windows 10 Version 21h2 Microsoft Windows 10 Version 22h2 +13 more

Timeline

PublishedNov 14

KEV addedNov 14

KEV dueDec 5

Latest updateNov 28

CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

Windows DWM Core Library Elevation of Privilege Vulnerability

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages16 packages

▶NVDmicrosoft/windows< 10.0.17763.5122+2

▶NVDmicrosoft/windows_10_1809< 10.0.17763.5122

▶NVDmicrosoft/windows_10_21h2< 10.0.19041.3693

▶NVDmicrosoft/windows_10_22h2< 10.0.19045.3693

▶NVDmicrosoft/windows_11_21h2< 10.0.22000.2600

Patches

Patch: msrc.microsoft.com ↗Patch: msrc.microsoft.com ↗

🔴Vulnerability Details

CVEList

Windows DWM Core Library Elevation of Privilege Vulnerability↗2023-11-14

▶

GHSA

GHSA-px3r-p5ph-hg48: Windows DWM Core Library Elevation of Privilege Vulnerability↗2023-11-14

▶

VulnCheck

Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability↗2023

▶

Project0

Project Zero RCA: CVE-2023-36033: Windows DWM Core Library Elevation of Privilege Vulnerability↗

▶

📋Vendor Advisories

CISA

Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability↗2023-11-14

▶

Microsoft

Windows DWM Core Library Elevation of Privilege Vulnerability↗2023-11-14

▶

Oracle

Oracle Oracle GoldenGate Risk Matrix: Oracle GoldenGate Stream Analytics (jsoup) — CVE-2022-36033↗2023-07-15

▶

Oracle

Oracle Oracle Construction and Engineering Risk Matrix: User Interface (jsoup) — CVE-2022-36033↗2023-04-15

▶

🕵️Threat Intelligence

Securelist

Kaspersky report on APT trends in Q3 2024↗2024-11-28

▶

Securelist

APT trends report Q3 2024↗2024-11-28

▶

Securelist

IT threat evolution Q2 2024↗2024-09-03

▶

Securelist

Malware report for Q2 2024 — a quarterly review↗2024-09-03

▶

Bleepingcomputer

Microsoft fixes Windows zero-day exploited in QakBot malware attacks↗2024-05-14

▶