8.8
CVSSv3

CVE-2023-23388

Published: 14/03/2023 Updated: 29/05/2024
CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2
VMScore: 0

Vulnerability Summary

Windows Bluetooth Driver Elevation of Privilege Vulnerability

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2016 -

microsoft windows server 2019 -

microsoft windows server 2022 -

microsoft windows 11 22h2

microsoft windows 10 22h2

microsoft windows 10 1607

microsoft windows 10 21h2

microsoft windows 11 21h2

microsoft windows 10 20h2

microsoft windows 10 1809

microsoft windows 10 1507

Github Repositories

poc for CVE-2023-23388 (LPE in Windows 10/11 bthserv service)

This repository contains a poc for CVE-2023-23388, which is described in this series, particularly in this post It's an LPE in the bluetooth service (aka bthserv) in Windows 10/11 that allows an unprivileged user to escalate to LOCAL SERVICE This repo doesn't contain an exploit, only a poc building, running, etc Use a VM This could be a virus MS fixed the vulner