CVE-2023-36398

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 14, 2023
Updated: May 29, 2024
CWE ID 908

Summary

CVE-2023-36398 is a newly disclosed vulnerability affecting Windows NTFS file systems. This issue allows an attacker to gain unintended access to information through a specially crafted file. By exploiting this information disclosure weakness, an adversary may obtain sensitive data, potentially leading to privacy breaches or further attacks. Microsoft has acknowledged the vulnerability and is working on a patch. Users are advised to apply updates promptly to mitigate risks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share