CVE-2023-35320

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 11, 2023

Updated: May 29, 2024

CWE ID 59

Summary

CVE-2023-35320 is an elevation of privilege vulnerability affecting Connected User Experiences and Telemetry (CUXT). An attacker who successfully exploits this flaw can escalate their privileges, potentially gaining control over affected systems. This vulnerability poses a significant risk to organizations, as CUXT is a widely used component in Microsoft products, including Windows and Office applications. Successful exploitation could lead to data theft, unauthorized system access, or even the installation of malware. Mitigations include applying available patches and implementing strong access controls.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rzlEvp
https://www.cve.org/CVERecord?id=CVE-2023-35320
https://nvd.nist.gov/vuln/detail/CVE-2023-35320

Back to Vulnerability Database

CVE-2023-35320

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations