What the vulnerability does
01Description
Microsoft WordPad Information Disclosure Vulnerability
CVE-2023-36563
MEDIUM
CVE-2023-36563: Microsoft WordPad Information Disclosure Vulnerability
CVSS base score
6.5/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
CISA mandated remediation
02CISA Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Key dates
03Disclosure timeline
October 10, 2023
CVE published
October 21, 2025
Record updated
External resources
04References
Related vulnerabilities
05Related CVE
CVE-2020-26185
CVE-2023-21816 Windows Active Directory Domain Services API Denial of Service Vulnerability
CVE-2025-14558 Remote code execution via ND6 Router Advertisements
CVE-2020-10028 Multiple Syscalls In GPIO Subsystem Performs No Argument Validation
CVE-2024-43526 Windows Mobile Broadband Driver Remote Code Execution Vulnerability
