Published: 14/11/2023 Updated: 20/11/2023

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

Windows DWM Core Library Elevation of Privilege Vulnerability

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows server 2016 -
microsoft windows server 2019 -
microsoft windows server 2022 -
microsoft windows 10 1809
microsoft windows 10 21h2
microsoft windows 10 22h2
microsoft windows 11 21h2
microsoft windows 11 22h2
microsoft windows 11 23h2

This script looks up CVE numbers you receive from nessus/qualys output and checks them against the Microsoft API to retrieve information such as if there has been exploitation or public details.

Microsoft-CVE-Lookup This script looks up CVE numbers you receive from nessus/qualys output and checks them against the Microsoft API to retrieve information such as if there has been exploitation or public details Help Retrieve information for a CVE from Microsoft API cve_number CVE number to retrieve information for, example CVE-2024-123

Another month, another bunch of fixes for Microsoft security bugs exploited in the wild

The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Plus: VMware closes critical hole, Adobe fixes a whopping 76 flaws

Patch Tuesday Heads up: Microsoft's November Patch Tuesday includes fixes for about 60 vulnerabilities – including three that have already been found and abused in the wild. First of that trio is CVE-2023-36033: a Windows Desktop Manager (WDM) Core Library elevation-of-privilege vulnerability. This one, an "important" 7.8-of-10-CVSS-rated bug, is not only listed as exploited by miscreants, the method of exploitation also been publicly disclosed. "An attacker who successfully exploited th...

CVE-2023-36033

Vulnerability Summary

Vulnerability Trend

Github Repositories

Recent Articles

References

Vulmon Search

About

Products

Connect