Summaryinfo

A vulnerability has been found in Microsoft Windows and classified as critical. Affected by this issue is some unknown functionality of the component Media. The manipulation leads to an unknown weakness. This vulnerability is uniquely identified as CVE-2023-23402. The attack is possible to be carried out remotely. No exploit exists. Applying a patch is the recommended action to fix this issue.

Detailsinfo

A vulnerability was found in Microsoft Windows (Operating System). It has been rated as critical. This issue affects an unknown part of the component Media. Impacted is confidentiality, integrity, and availability.

The weakness was disclosed 03/14/2023 as confirmed security guidance (Website). The advisory is shared at portal.msrc.microsoft.com. The identification of this vulnerability is CVE-2023-23402. It demands that the victim is doing some kind of user interaction. Neither technical details nor an exploit are publicly available. The price for an exploit might be around USD $5k-$25k at the moment (estimation calculated on 04/07/2023).

Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Type

• Operating System

Vendor

• Microsoft

Name

• Windows

Version

• 10
• 10 20H2
• 10 21H2
• 10 22H2
• 10 1607
• 10 1809
• 11 21H2
• 11 22H2
• Server 2008 R2 SP1
• Server 2012
• Server 2012 R2
• Server 2016
• Server 2019
• Server 2022

License

• commercial

Website

• Vendor: https://www.microsoft.com/
• Product: https://www.microsoft.com/en-us/windows

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion