virus logo Intrusion Prevention

MS.Windows.LSASS.CVE-2023-36391.Privilege.Elevation

description-logoDescription

This indicates an attack attempt to exploit an Elevation of Privilege Vulnerability in Windows Local Security Authority Subsystem Service (LSASS).
The vulnerability is due to an error in file path validation. Successful exploitation could result in elevation of privilege within the context of the vulnerable system.

affected-products-logoAffected Products

Windows 11 Version 23H2 for ARM64-based Systems
Windows 11 Version 23H2 for x64-based Systems

Impact logoImpact

Privilege Escalation: Attackers can leverage their privileges on vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36391

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2024-07-15 28.826
Modified
 Name:MS.
Windows.
LSASS.
CVE-2023-36391.
Elevation.
of.
Privilege:MS.
Windows.
LSASS.
CVE-2023-36391.
Privilege.
Elevation
2023-12-20 26.700
Modified
 Default_action:pass:drop
2023-12-12 26.693
New

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36391
ID 54444
Created Dec 12, 2023
Updated Jul 11, 2024
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Exploit Prediction Score 1.65%
Default Action drop
Active
Affected OS Windows
Affected App Other
Profile Type Permission/Privilege/Access Control