Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2023-36874

Published: 11/07/2023 Updated: 27/09/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Windows Server 2008

Vulnerability Summary

Windows Error Reporting Service Elevation of Privilege Vulnerability

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2008 r2

microsoft windows server 2012 r2

microsoft windows server 2016 -

microsoft windows server 2008 -

microsoft windows server 2012 -

microsoft windows server 2019 -

microsoft windows server 2022 -

microsoft windows 10 1809

microsoft windows 11 21h2

microsoft windows 10 21h2

microsoft windows 11 22h2

microsoft windows 10 22h2

microsoft windows 10 1507

microsoft windows 10 1607

Exploits

Exploit DB: Microsoft Error Reporting Local Privilege Elevation
This Metasploit module takes advantage of a bug in the way Windows error reporting opens the report parser If you open a report, Windows uses a relative path to locate the rendering program By creating a specific alternate directory structure, we can coerce Windows into opening an arbitrary executable as SYSTEM If the current user is a local adm ...

Github Repositories

https://github.com/Octoberfest7/CVE-2023-36874_BOF

Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE

CVE-2023-36874 Windows Error Reporting LPE BOF Introduction This is a mature and operational CobaltStrike BOF implementation of Filip Dragovic's (@filip_dragovic) CVE-2023-36874 Windows Error Reporting LPE exploit He did the heavy lifting in terms of creating a working exploit by reversing the vulnerable DLL in question and creating the undocumented COM structs that are c

https://github.com/grgmrtn255/Links

securityxplodedcom/memory-execution-of-executablephp wwwelasticco/blog/process-ghosting-a-new-executable-image-tampering-attack ponderthebitscom/2018/02/windows-rdp-related-event-logs-identification-tracking-and-investigation/ j00ruvexilliumorg/syscalls/nt/64/ blogcompass-securitycom/2022/11/relaying-to-ad-certificate-services-ov

https://github.com/Wh04m1001/CVE-2023-36874

CVE-2023-36874 For demonstration purposes only Exploit works on vulnerable Windows clients/servers Compile code and create c:\test\system32 directories Place your wermgrexe in that directory and run compiled PoC wer_pocmp4 Testing on windows 10 190452006 pocmp4 Resources: wwwcrowdstrikec

https://github.com/crisprss/CVE-2023-36874

CVE-2023-36874 Proof of Concept

CVE-2023-36874 CVE-2023-36874 Proof of Concept

https://github.com/d0rb/CVE-2023-36874

CVE-2023-36874 PoC

CVE-2023-36874 PoC 🔓 Introduction This repository contains a proof-of-concept exploit written in C++ that demonstrates the exploitation of a vulnerability affecting the Windows Error Reporting (WER) component The exploit showcases the steps involved in triggering the vulnerability and is intended for educational purposes only Any malicious or unethical use of this code is

Recent Articles

Exploits and vulnerabilities in Q1 2024
Securelist • Alexander Kolesnikov • 07 May 2024

We at Kaspersky continuously monitor the evolving cyberthreat landscape to ensure we respond promptly to emerging threats, equipping our products with detection logic and technology. Software vulnerabilities that threat actors can exploit or are already actively exploiting are a critical component of that landscape. In this report, we present a series of insightful statistical and analytical snapshots relating to the trends in the emergence of new vulnerabilities and exploits, as well as the mos...

Read more...
A patched Windows attack surface is still exploitable
Securelist • Elsayed Elrefaei • 14 Mar 2024

On August 8, 2023, Microsoft finally released a kernel patch for a class of vulnerabilities affecting Microsoft Windows since 2015. The vulnerabilities lead to elevation of privilege (EoP), which allows an account with user rights to gain SYSTEM privileges on a vulnerable host. The root cause of this attack surface, according to a 2015 blog, is the ability of a normal user account to replace the original C:\ drive with a fake one by placing a symlink for the system drives in the device map ...

Read more...
Miscreants exploit five Microsoft bugs as Windows giant addresses 130 flaws
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Plus: Apple bungles another rapid security response; important ICS updates land; and more

Patch Tuesday Microsoft today addressed 130 CVE-listed vulnerabilities in its products – and five of those bugs have already been exploited in the wild. A full list of security updates and advisories in this month's Patch Tuesday batch can be found here from the IT giant, or here from the ZDI. In summary, there are fixes for Windows, Office, .NET and Visual Studio, Azure Active Directory and DevOps, Dynamics, printer drivers, Redmond's DNS Server, and Remote Desktop. Of the 130 vulnerabilities...

Read more...

References

NVD-CWE-noinfohttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36874http://packetstormsecurity.com/files/174843/Microsoft-Error-Reporting-Local-Privilege-Elevation.htmlhttps://nvd.nist.govhttps://www.theregister.co.uk/2023/07/11/microsoft_patch_tuesday/https://github.com/Octoberfest7/CVE-2023-36874_BOF
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook