Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubexploitEA3B14A6-4AEF-5983-864C-286A281CC914
HistoryMar 21, 2024 - 4:16 p.m.

Exploit for Out-of-bounds Write in Microsoft

2024-03-2116:16:52
33
microsoft
out-of-bounds write
clfs
cve-2023-28252
ransomware
0-day vulnerability
trend micro
kaspersky
nokoyawa ransomware
exploit developer.

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.016

Percentile

87.8%

JSON

CLFS attack - CVE-2023-28252

Since February 2022 was reported a…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

Related

hivepro 1
prion 1
metasploit 1
githubexploit 7
zdt 1
attackerkb 1
mscve 1
cve 1
cvelist 1
vulnrichment 1
cisa_kev 1
packetstorm 1
nvd 1
wizblog 1
securelist 10
thn 3
qualysblog 4
talosblog 2
avleonov 2
krebs 1
malwarebytes 1
trellix 2
rapid7blog 3
mskb 15
nessus 11
openvas 8
kaspersky 2
hivepro
hivepro
Cybercrime group exploits zero-day on Windows servers to deploy Nokoyawa ransomware
2023-04-12 11:17:33
prion
prion
Privilege escalation
2023-04-11 21:15:00
metasploit
metasploit
Windows Common Log File System Driver (clfs.sys) Elevation of Privilege Vulnerability
2023-07-28 07:43:37
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Microsoft
2024-01-01 15:30:33
Exploit for Heap-based Buffer Overflow in Microsoft
2023-06-27 12:22:05
Exploit for Out-of-bounds Write in Microsoft
2024-01-22 10:38:02
zdt
zdt
Windows Common Log File System Driver (clfs.sys) Privilege Escalation Exploit
2023-09-14 00:00:00
attackerkb
attackerkb
CVE-2023-28252
2023-04-11 00:00:00
mscve
mscve
Windows Common Log File System Driver Elevation of Privilege Vulnerability
2023-04-11 07:00:00
cve
cve
CVE-2023-28252
2023-04-11 21:15:25
cvelist
cvelist
CVE-2023-28252 Windows Common Log File System Driver Elevation of Privilege Vulnerability
2023-04-11 19:13:51
vulnrichment
vulnrichment
CVE-2023-28252 Windows Common Log File System Driver Elevation of Privilege Vulnerability
2023-04-11 19:13:51
cisa_kev
cisa_kev
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
2023-04-11 00:00:00
packetstorm
packetstorm
Windows Common Log File System Driver (clfs.sys) Privilege Escalation
2023-09-14 00:00:00
nvd
nvd
CVE-2023-28252
2023-04-11 21:15:25
wizblog
wizblog
Microsoft April 2023 Patch Tuesday Highlights: everything you need to know
2023-04-13 19:20:20
securelist
securelist
IT threat evolution in Q2 2023
2023-08-30 10:00:05
Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252)
2023-12-21 10:00:01
Nokoyawa ransomware attacks with Windows zero-day
2023-04-11 17:36:20
thn
thn
VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access
2024-07-30 04:20:00
Carbanak Banking Malware Resurfaces with New Ransomware Tactics
2023-12-26 07:26:00
Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit
2023-04-12 06:38:00
qualysblog
qualysblog
Combine Qualys TruRiskβ„’ and MITRE ATT&CK to Adopt Threat-Informed Defense to Reduce Risk
2024-03-25 15:44:18
Qualys Survey of Top 10 Exploited Vulnerabilities in 2023
2023-09-26 13:04:00
2023 Threat Landscape Year in Review: If Everything Is Critical, Nothing Is
2023-12-19 15:00:00
talosblog
talosblog
Threat Source newsletter (April 13, 2023) β€” Dark web forum whac-a-mole
2023-04-13 18:00:40
Microsoft Patch Tuesday for April 2023 β€” Snort rules and prominent vulnerabilities
2023-04-11 19:28:27
avleonov
avleonov
Vulristics News: EPSS v3 Support, Integration into Cloud Advisor
2023-04-23 23:11:58
Microsoft Patch Tuesday April 2023: CLFS EoP, Word RCE, MSMQ QueueJumper RCE, PCL6, DNS, DHCP
2023-04-27 22:03:04
krebs
krebs
Microsoft (& Apple) Patch Tuesday, April 2023 Edition
2023-04-12 00:06:51
malwarebytes
malwarebytes
Update now! April’s Patch Tuesday includes a fix for one zero-day
2023-04-12 10:00:00
trellix
trellix
The Bug Report – April 2023 Edition
2023-05-03 00:00:00
The Bug Report – April 2023 Edition
2023-05-03 00:00:00
rapid7blog
rapid7blog
Metasploit 2023 Annual Wrap-Up: Dec. 29, 2023
2023-12-29 19:38:15
Metasploit Weekly Wrap-Up
2023-09-15 18:54:45
Patch Tuesday - April 2023
2023-04-11 22:49:56
mskb
mskb
April 11, 2023β€”KB5025271 (Monthly Rollup)
2023-04-11 07:00:00
April 11, 2023β€”KB5025273 (Security-only update)
2023-04-11 07:00:00
April 11, 2023β€”KB5025279 (Monthly Rollup)
2023-04-11 07:00:00
nessus
nessus
KB5025273: Windows Server 2008 Security Update (April 2023)
2023-04-11 00:00:00
KB5025277: Windows Server 2008 R2 Security Update (April 2023)
2023-04-11 00:00:00
KB5025234: Windows 10 LTS 1507 Security Update (April 2023)
2023-04-11 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5025279)
2023-04-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5025221)
2023-04-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5025234)
2023-04-12 00:00:00
kaspersky
kaspersky
KLA48842 Multiple vulnerabilities in Microsoft Products (ESU)
2023-04-11 00:00:00
KLA48845 Multiple vulnerabilities in Microsoft Windows
2023-04-11 00:00:00

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.016

Percentile

87.8%

JSON
Related for EA3B14A6-4AEF-5983-864C-286A281CC914
hivepro1prion1metasploit1githubexploit7zdt1attackerkb1mscve1cve1cvelist1vulnrichment1cisa_kev1packetstorm1nvd1wizblog1securelist10thn3qualysblog4talosblog2avleonov2krebs1malwarebytes1trellix2rapid7blog3mskb15nessus11openvas8kaspersky2