Windows Common Log File System Driver Elevation of Privilege Vulnerability - 20230412001

Overview

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges, the highest level of privilege on Windows systems

What is the vulnerability?

CVE-2023-28252 - CVSS:3.1 7.8 / 7.2

What is vulnerable?

Even though this vulnerability requires an attacker to already have access to the victim computer, SYSTEM privileges are a large enough risk that this vulnerability should be patched as soon as possible. In addition, as this vulnerability is actively exploited, special care should be taken to monitor Windows endpoints for signs of intrusion.

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices:

• https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-28252

Additional References

• https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-28252
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28252