CVE-2023-35359

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 8, 2023
Updated: May 29, 2024
CWE ID 23

Summary

CVE-2023-35359 is a newly disclosed Windows Kernel vulnerability that allows an attacker to elevate their privileges, granting them higher access to a system. This vulnerability can be exploited remotely, potentially enabling an attacker to gain control of a target system. The exact cause of the vulnerability is still under investigation, but it is believed to be related to a flaw in the way the Windows Kernel handles objects in memory. Successful exploitation could lead to significant security risks, including data theft, unauthorized system access, and malware installation. Microsoft is working on a patch to address this issue and has advised users to install it as soon as it becomes available. In the meantime, it is recommended that users apply additional security measures, such as firewalls and antivirus software, to protect against potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share