CVE-2023-36010
CVSS 3.1 Score 7.5 of 10 (high)
Attack Complexity low
Availability high
Confidentiality none
Integrity none
Scope unchanged
Privileges Required none
Details
Published Dec 12, 2023
Updated: Dec 18, 2023
Summary
CVE-2023-36010 is a newly disclosed vulnerability affecting Microsoft Defender. This issue allows an attacker to trigger a Denial of Service (DoS) condition, causing the security software to crash and become unresponsive. The DoS attack leverages a specific input that Microsoft Defender is unable to handle appropriately, resulting in a significant degradation of service. While no exploit has been publicly released yet, organizations using Microsoft Defender are advised to apply the available patch as soon as possible to mitigate potential risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Microsoft