The vulnerability of the Windows operating system’s Revocation List driver allows a hacker to circumvent existing security restrictions.

🗓️ 19 May 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

The Windows Revocation List driver vulnerability allows bypassing security restrictions due to configuration errors.

Reporter	Title	Published	Views	Family All 46
Circl	CVE-2023-28251	9 May 202322:45	–	circl
CNNVD	Microsoft Windows Secure Boot 安全漏洞	9 May 202300:00	–	cnnvd
CVE	CVE-2023-28251	9 May 202317:03	–	cve
Cvelist	CVE-2023-28251 Windows Driver Revocation List Security Feature Bypass Vulnerability	9 May 202317:03	–	cvelist
EUVD	EUVD-2023-31959	3 Oct 202520:07	–	euvd
Microsoft KB	May 9, 2023—KB5026361 (OS Builds 19042.2965, 19044.2965, and 19045.2965) - EXPIRED	9 May 202307:00	–	mskb
Microsoft KB	May 9, 2023—KB5026362 (OS Build 17763.4377) - EXPIRED	9 May 202307:00	–	mskb
Microsoft KB	May 9, 2023—KB5026363 (OS Build 14393.5921) - EXPIRED	9 May 202307:00	–	mskb
Microsoft KB	May 9, 2023—KB5026368 (OS Build 22000.1936)	9 May 202307:00	–	mskb
Microsoft KB	May 9, 2023—KB5026370 (OS Build 20348.1726)	9 May 202307:00	–	mskb

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28251
vuldb	www.vuldb.com/ru/
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2023041143
web	www.web.nvd.nist.gov/view/vuln/detail

19 May 2023 00:00Current

6.6Medium risk

Vulners AI Score6.6

CVSS 25.2

CVSS 36.1

EPSS0.00451

windows revocation list revocation list driver security restrictions configuration errors vulnerability bypass risk