CVE-2023-36598

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 10, 2023

Updated: May 29, 2024

CWE ID 122

Summary

CVE-2023-36598 is a remote code execution vulnerability affecting Microsoft's Windows Defender Application Control (WDAC) ODBC Driver. Malicious actors can exploit this flaw by crafting specially designed ODBC data sources, resulting in arbitrary code execution on vulnerable systems. Successful exploitation could lead to significant security risks, including data theft and system compromise. Microsoft urges users to apply the available patch as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rwb13t
https://www.cve.org/CVERecord?id=CVE-2023-36598
https://nvd.nist.gov/vuln/detail/CVE-2023-36598

Back to Vulnerability Database

CVE-2023-36598

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations