CVE-2023-35644

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 12, 2023
Updated: May 29, 2024
CWE ID 190

Summary

CVE-2023-35644 is a newly disclosed vulnerability that impacts the Windows Sysmain Service. This issue grants an attacker the ability to elevate their privileges, allowing them to gain higher access to a system than what was originally granted. Successful exploitation of this vulnerability could lead to significant security risks, including unauthorized access to sensitive data or the ability to install malicious software. The specific cause of this vulnerability is still under investigation by Microsoft and other cybersecurity firms. It is recommended that all Windows users apply the latest security patches as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share