Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-29343

Published: 09/05/2023 Updated: 16/05/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Microsoft

Vulnerability Summary

SysInternals Sysmon for Windows Elevation of Privilege Vulnerability

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows sysmon

Github Repositories

https://github.com/Wh04m1001/CVE-2023-29343

CVE-2023-29343 This is PoC for arbitrary file write bug in Sysmon version 1414 After last patch Sysmon would check if Archive directory exists and if it exists it would check if archive directory is owned by NT AUTHORITY\SYSTEM and access is only granted to NT AUTHORITY\SYSTEM If both conditions are true then Sysmon will write/delete files in that directory As its not possi

References

NVD-CWE-noinfohttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29343https://nvd.nist.govhttps://github.com/Wh04m1001/CVE-2023-29343
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middleCVE-2024-34558CVE-2024-32674CVE-2024-34351XPath injectionCVE-2023-45866CVE-2024-25528CVE-2024-25517path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook