CVE-2023-36010

CVSS 3.1 Score 7.5 of 10 (high)

Attack Complexity low
Availability high
Confidentiality none
Integrity none
Scope unchanged
Privileges Required none

Details

Published Dec 12, 2023
Updated: Dec 18, 2023

Summary

CVE-2023-36010 is a newly disclosed vulnerability affecting Microsoft Defender. This issue allows an attacker to trigger a Denial of Service (DoS) condition, causing the security software to crash and become unresponsive. The DoS attack leverages a specific input that Microsoft Defender is unable to handle appropriately, resulting in a significant degradation of service. While no exploit has been publicly released yet, organizations using Microsoft Defender are advised to apply the available patch as soon as possible to mitigate potential risks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share