CVE-2023-28246 HIGH

CVE-2023-28246: Windows Registry Elevation of Privilege Vulnerability

Vendor Microsoft

Product Windows Server 2022

Weakness CWE-284

Published April 11, 2023

Last update January 23, 2025

CVSS base score

7.8/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

What the vulnerability does

01Description

Windows Registry Elevation of Privilege Vulnerability

Key dates

April 11, 2023 CVE published

January 23, 2025 Record updated

External resources

Related vulnerabilities

CVE CVE-2023-28246

CWE CWE-284

CVSS 7.8 / HIGH

Vendor Microsoft

Product Windows Server 2022

Affected ≥ 10.0.20348.0 and < 10.0.20348.1668

Vendor Microsoft

Product Windows 11 version 21H2

Affected ≥ 10.0.0 and < 10.0.22000.1817

Vendor Microsoft

Product Windows 11 version 22H2

Affected ≥ 10.0.22621.0 and < 10.0.22621.1555