Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Required

Privileges Required

None

Attack Vector

Network

CVE-2023-36025

Disclosure Date: November 14, 2023 •

CVE-2023-36025 CVSS v3 Base Score: 8.8

Exploited in the Wild

Reported by inokii and 2 more...
View Source Details

Description

Windows SmartScreen Security Feature Bypass Vulnerability

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

8.8 High

Impact Score:

5.9

Exploitability Score:

2.8

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

Required

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

General Information

Offensive Application

Unknown

Utility Class

Unknown

Ports

Unknown

Vulnerable Versions

Windows 10 Version 1809 10.0.17763.5122

Windows Server 2019 10.0.17763.5122

Windows Server 2019 (Server Core installation) 10.0.17763.5122

Windows Server 2022 10.0.20348.2113

Windows 11 version 21H2 10.0.22000.2600

Windows 10 Version 21H2 10.0.19043.3693

Windows 11 version 22H2 10.0.22621.2715

Windows 10 Version 22H2 10.0.19045.3693

Windows 11 version 22H3 10.0.22631.2715

Windows 11 Version 23H2 10.0.22631.2715

Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.531

Windows 10 Version 1507 10.0.10240.20308

Windows 10 Version 1607 10.0.14393.6452

Windows Server 2016 10.0.14393.6452

Windows Server 2016 (Server Core installation) 10.0.14393.6452

Windows Server 2008 Service Pack 2 6.0.6003.22367

Windows Server 2008 Service Pack 2 (Server Core installation) 6.0.6003.22367

Windows Server 2008 Service Pack 2 6.0.6003.22367

Windows Server 2008 R2 Service Pack 1 6.1.7601.26816

Windows Server 2008 R2 Service Pack 1 (Server Core installation) 6.1.7601.26816

Windows Server 2012 6.2.9200.24569

Windows Server 2012 (Server Core installation) 6.2.9200.24569

Windows Server 2012 R2 6.3.9600.21668

Windows Server 2012 R2 (Server Core installation) 6.3.9600.21668

Prerequisites

Unknown

Discovered By

Unknown

PoC Author

Unknown

Metasploit Module

Unknown

Reporter

Unknown

Vendors

microsoft

Products

Exploited in the Wild

Reported by:

inokii indicated sources as

Vendor Advisory (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36025)
Government or Industry Alert (https://www.cisa.gov/known-exploited-vulnerabilities-catalog)
Other: CISA Gov Alert (https://www.cisa.gov/news-events/alerts/2023/11/14/cisa-adds-three-known-exploited-vulnerabilities-catalog)

Reported: November 15, 2023 4:08am UTC (1 year ago)

cwyre-r7 indicated source as Other: Rapid7 MDR has observed successful exploitation of this vulnerability in customer environments

Reported: October 15, 2024 9:27pm UTC (4 months ago)

AttackerKB Worker indicated source as Government or Industry Alert (https://www.cisa.gov/news-events/alerts/2023/11/14/cisa-adds-three-known-exploited-vulnerabilities-catalog)

Reported: November 08, 2024 8:33am UTC (3 months ago)

References

Canonical

CVE-2023-36025 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36025)

Exploit

PoCs that have not been added by contributors directly have been sourced from: nomi-sec/PoC-in-GitHub.
A PoC added here by the AKB Worker must have at least 2 GitHub stars.

CVE-2023-36025 (https://github.com/ka7ana/CVE-2023-36025) (Added by AKB Worker)

test_CVE-2023-36025 (https://github.com/J466Y/test_CVE-2023-36025) (Added by AKB Worker)

-EXPLOIT-CVE-2023-36025 (https://github.com/coolman6942o/-EXPLOIT-CVE-2023-36025) (Added by AKB Worker)

Miscellaneous

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36025

Rapid7

Unknown

CVE-2023-36025

Unknown

Unknown

Required

None

Network

CVE-2023-36025

Description