Lucene search

K
cveMicrosoftCVE-2023-32018
HistoryJun 14, 2023 - 12:15 a.m.

CVE-2023-32018

2023-06-1400:15:11
CWE-416
microsoft
web.nvd.nist.gov
90
cve-2023-32018
windows
hello
remote code execution
vulnerability
nvd

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

High

EPSS

0.002

Percentile

52.1%

Windows Hello Remote Code Execution Vulnerability

Affected configurations

Nvd
Vulners
Node
microsoftwindows_11_22h2Range<10.0.22621.1848arm64
OR
microsoftwindows_11_22h2Range<10.0.22621.1848x64
VendorProductVersionCPE
microsoftwindows_11_22h2*cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Windows 11 version 22H2",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.1848:*:*:*:*:*:arm64:*",
      "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.1848:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "ARM64-based Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.22621.1848",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

High

EPSS

0.002

Percentile

52.1%