CVE-2023-36724

Summary

CVE-2023-36724 is a new information disclosure vulnerability affecting the Windows Power Management Service. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information from the targeted system. This vulnerability exists due to inadequate input validation, allowing unauthorized users to access certain Power Management Service data. It is recommended that affected systems be updated as soon as possible with the latest Microsoft patches to mitigate this risk. The disclosure of such information could potentially aid an attacker in further exploiting other vulnerabilities or conducting privilege escalation attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.