virus logo Intrusion Prevention

MS.Windows.GDI.CVE-2023-29358.Privilege.Elevation

description-logoDescription

This indicates an attack attempt to exploit an Elevation of Privilege Vulnerability in Microsoft Windows GDI.
The vulnerability is due to an error in validating pointer references. Successful exploitation could result in elevation of privilege within the context of the vulnerable system.

affected-products-logoAffected Products

Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows 11 version 21H2 for x64-based Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for 32-bit Systems

Impact logoImpact

Privilege Escalation: Attackers can leverage their privileges on vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29358

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2024-07-15 28.826
Modified
 Name:MS.
Windows.
GDI.
CVE-2023-29358.
Elevation.
Of.
Privilege:MS.
Windows.
GDI.
CVE-2023-29358.
Privilege.
Elevation
2023-06-22 24.587
Modified
 Default_action:pass:drop
2023-06-13 24.575
New

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29358
ID 53124
Created Jun 13, 2023
Updated Jul 11, 2024
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Exploit Prediction Score 2.2%
Default Action drop
Active
Affected OS Windows
Affected App Other
Profile Type Permission/Privilege/Access Control