Skip to main content

Windows 10 20H2 CVE-2023-21733

HIGH
Heap-based Buffer Overflow (CWE-122)
2023-01-10 secure@microsoft.com
7.0
CVSS 3.1 · Vendor: microsoft
Share

Severity by source

Vendor (microsoft) PRIMARY
7.0 HIGH
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (microsoft) · only source for this CVE.

CVSS VectorVendor: microsoft

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Jan 10, 2023 - 22:15 cve.org
HIGH 7.0

DescriptionCVE.org

Windows Bind Filter Driver Elevation of Privilege Vulnerability

AnalysisAI

Windows Bind Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-122. Windows Bind Filter Driver Elevation of Privilege Vulnerability Affected products include: Microsoft Windows 10 20H2, Microsoft Windows 10 21H2, Microsoft Windows 10 22H2, Microsoft Windows 11 21H2, Microsoft Windows 11 22H2.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2021-34527 HIGH POC
8.8 Jul 02

<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged fi

CVE-2023-28252 HIGH POC
7.8 Apr 11

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnera

CVE-2021-40449 HIGH POC
7.8 Oct 13

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity

CVE-2021-1675 HIGH POC
7.8 Jun 08

Windows Print Spooler Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no auth

CVE-2022-26904 HIGH POC
7.0 Apr 15

Windows User Profile Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

CVE-2023-21554 CRITICAL POC
9.8 Apr 11

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerabi

CVE-2021-31166 CRITICAL POC
9.8 May 11

HTTP Protocol Stack Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remot

CVE-2022-26923 HIGH POC
8.8 May 10

Active Directory Domain Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerabilit

CVE-2023-28293 HIGH POC
7.8 Apr 11

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack co

CVE-2023-23410 HIGH POC
7.8 Mar 14

Windows HTTP.sys Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack

CVE-2023-28229 HIGH POC
7.0 Apr 11

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). Public exploit c

CVE-2022-26934 MEDIUM
6.5 May 10

Windows Graphics Component Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is

Share

CVE-2023-21733 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy