CVE-2023-29347

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Jul 11, 2023

Updated: May 29, 2024

CWE ID 79

Summary

CVE-2023-29347 is a new vulnerability affecting Windows Admin Center. Hackers can exploit this spoofing vulnerability to trick users into believing they are interacting with a legitimate admin console, potentially leading to unauthorized access and system manipulation. This issue arises due to insufficient input validation, enabling attackers to craft misleading user interfaces. Users are advised to update their Windows Admin Center installations as soon as patches become available to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft Windows Admin Center

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r9QQaZ
https://www.cve.org/CVERecord?id=CVE-2023-29347
https://nvd.nist.gov/vuln/detail/CVE-2023-29347

Back to Vulnerability Database