CVE-2023-36396
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Nov 14, 2023
Updated: May 29, 2024
CWE ID 41
Summary
CVE-2023-36396 is a remote code execution vulnerability affecting Windows Compressed Folders. An attacker can exploit this weakness by crafting a specially designed cabinet file, which, when opened, allows the attacker to execute arbitrary code on the target system. Successful exploitation of this vulnerability could result in significant security risks, including unauthorized system access, data theft, or further malware infection. Microsoft strongly advises users to install the available patches as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Microsoft Windows 11 22h2
Affected Vendors
- Microsoft