CVE-2023-38141 — Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft Windows 10 Version 1507

Severity

7.8HIGHNVD

EPSS

0.3%

top 45.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedSep 12

Latest updateMay 1

Description

Windows Kernel Elevation of Privilege Vulnerability

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

▶NVDmicrosoft/windows< 10.0.14393.6252+3

Project0

The Windows Registry Adventure #7: Attack surface analysis - Project Zero↗2025-05-01

▶

Project0

The Windows Registry Adventure #1: Introduction and research results - Project Zero↗2024-04-01

▶

GHSA

GHSA-cqhg-vp8q-p8vh: Windows Kernel Elevation of Privilege Vulnerability↗2023-09-12

▶

CVEList

Windows Kernel Elevation of Privilege Vulnerability↗2023-09-12

▶

Microsoft

Windows Kernel Elevation of Privilege Vulnerability↗2023-09-12

▶

Bleepingcomputer

Microsoft September 2023 Patch Tuesday fixes 2 zero-days, 59 flaws↗2023-09-12

▶