CVE-2023-29346

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jun 14, 2023

Updated: May 29, 2024

CWE ID 681

Summary

CVE-2023-29346 refers to a newly disclosed NTFS (New Technology File System) Elevation of Privilege vulnerability. Malicious actors can exploit this weakness to elevate their user privileges, potentially gaining administrative access to affected systems. The flaw resides in the way NTFS handles certain file operations, allowing attackers to manipulate them for privilege escalation. This vulnerability poses a significant risk, especially for Windows-based systems that utilize NTFS, and requires urgent attention for patching and mitigation efforts.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/roHK3W
https://www.cve.org/CVERecord?id=CVE-2023-29346
https://nvd.nist.gov/vuln/detail/CVE-2023-29346

Back to Vulnerability Database

CVE-2023-29346

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations