⚠ Actively exploited
Added to CISA KEV on 2023-11-16. Federal agencies required to patch by 2023-12-07. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable..

CVE-2023-36584

9 documents8 sources
Severity
5.4MEDIUM
EPSS
15.4%
top 5.35%
CISA KEV
KEV
Added 2023-11-16
Due 2023-12-07
Exploit
Exploited in wild
Active exploitation observed
Affected products
27
Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607Microsoft Windows 10 Version 1809+24 more
Timeline
PublishedOct 10
KEV addedNov 16
Latest updateNov 17
KEV dueDec 7
CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

Windows Mark of the Web Security Feature Bypass Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:LExploitability: 2.8 | Impact: 2.5

Affected Packages27 packages

NVDmicrosoft/windows< 10.0.14393.6351+3
NVDmicrosoft/windows_10_1507< 10.0.10240.20232
NVDmicrosoft/windows_10_1809< 10.0.17763.4974
NVDmicrosoft/windows_10_21h1< 10.0.19041.3570
NVDmicrosoft/windows_10_22h2< 10.0.19041.3570

Patches

Patch: msrc.microsoft.comPatch: msrc.microsoft.com

🔴Vulnerability Details

3
GHSA
GHSA-frhq-jq5j-7w9c: Windows Mark of the Web Security Feature Bypass Vulnerability2023-10-10
CVEList
Windows Mark of the Web Security Feature Bypass Vulnerability2023-10-10
VulnCheck
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability2023

📋Vendor Advisories

2
CISA
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability2023-11-16
Microsoft
Windows Mark of the Web Security Feature Bypass Vulnerability2023-10-10

🕵️Threat Intelligence

3
Bleepingcomputer
CISA warns of actively exploited Windows, Sophos, and Oracle bugs2023-11-17
Unit42
In-Depth Analysis of July 2023 Exploit Chain Featuring CVE-2023-36884 and CVE-2023-365842023-11-13
Unit42
In-Depth Analysis of July 2023 Exploit Chain Featuring CVE-2023-36884 and CVE-2023-365842023-11-13
CVE-2023-36584 (MEDIUM CVSS 5.4) | Windows Mark of the Web Security Fe | cvebase.io