SB2023101050 - Multiple vulnerabilities in Microsoft Win32k
Published: October 10, 2023 Updated: April 19, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 5 vulnerabilities.
1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-41772)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Win32k, which leads to security restrictions bypass and privilege escalation.
2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-36731)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Win32k, which leads to security restrictions bypass and privilege escalation.
3) Race condition (CVE-ID: CVE-2023-36776)
CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in Win32k. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
4) Race condition (CVE-ID: CVE-2023-36732)
CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the DEVLOCKBLTOBJ class in the win32kfull driver. A local user can exploit the race and execute arbitrary code with SYSTEM privileges.
5) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-36743)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Win32k, which leads to security restrictions bypass and privilege escalation.
Remediation
Install update from vendor's website.
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-41772
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-36731
- https://www.zerodayinitiative.com/advisories/ZDI-23-1554/
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-36776
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-36732
- https://www.zerodayinitiative.com/advisories/ZDI-23-1553/
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-36743