Exposures › CVE-2023-36424
Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability enabling privilege escalation.
This unpatched CVE-2023-36424 allows privilege escalation in Windows, posing a critical risk to DIB organizations relying on Microsoft infrastructure. Immediate patching is required to prevent unauthorized access to sensitive systems.
Shame score — A known vulnerability in a widely used OS component that has been actively exploited but is not directly linked to ransomware.
Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation
| Product | Provider | Status | Match |
|---|---|---|---|
| Azure Commercial Cloud | Microsoft | Authorized | vendor-exact · 0.90 |
| Azure Government (includes Dynamics 365) | Microsoft | Authorized | vendor-exact · 0.90 |
| Microsoft Office 365 GCC High | Microsoft | In Process | vendor-exact · 0.90 |
| Office 365 Multi-Tenant & Supporting Services | Microsoft | Authorized | vendor-exact · 0.90 |