CVE-2023-35382

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 8, 2023

Updated: Jan 1, 2025

CWE ID 416

Summary

CVE-2023-35382 is a newly disclosed Microsoft Windows vulnerability that allows an attacker to elevate their privileges within the Windows Kernel. By exploiting this vulnerability, an attacker can gain higher-level access to a system, potentially leading to the theft of sensitive information or the installation of malware. This issue can be exploited remotely, making it particularly dangerous. Microsoft has not yet released a patch for this vulnerability, leaving affected systems vulnerable to attack. It is recommended that organizations apply best security practices, such as firewalls and intrusion prevention systems, until a patch becomes available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2023-35382

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations