CVE-2023-21766

MSR

MediumConfirmedExploit available

Windows Overlay Filter Information Disclosure Vulnerability

CVSS

4.7

Medium

EPSS

0.01

p54

Published

2023-01-01

Updated

2023-01-01

Description

Windows Overlay Filter Information Disclosure Vulnerability

Tags · CWE

CWE-591

Affected products

Windows_10Windows_11Windows_server_2016Windows_server_2019Windows_server_2022

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Timeline

2023-01-01

Published

2023-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: L

Local (L)

Attack Complexity

AC: H

High (H)

Privileges Required

PR: L

Low (L)

User Interaction

UI: N

None (N)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: N

None (N)

Availability Impact

A: N

None (N)

Exploit indicators

EPSS

0.009 · p54

Known exploited (KEV)

Known exploits — Сканер-ВС

CVE-2023-21766

github-poc · https://github.com/Y3A/cve-2023-21766

Enterprise

Affected products

Microsoft

Windows Windows Server 2016 Windows Server 2019 Windows 10 Windows Server 2022 Windows 11

Product	Vendor	Status
windows_10	*	Tracked
windows_11	*	Tracked
windows_server_2016	*	Tracked
windows_server_2019	*	Tracked
windows_server_2022	*	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked

Showing first 20 of 184

Source databases

MSR

CVE

Related vulnerabilities

BDU:2023-00458