CVE-2023-36721 HIGH

CVE-2023-36721: Windows Error Reporting Service Elevation of Privilege Vulnerability

Vendor Microsoft

Product Windows 10 Version 1809

Weakness CWE-269

Published October 10, 2023

Last update April 14, 2025

View on NVD All CVEs

CVSS base score

7.0/10

Attack vector Local

Attack complexity High

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

What the vulnerability does

01Description

Windows Error Reporting Service Elevation of Privilege Vulnerability

Key dates

02Disclosure timeline

October 10, 2023 CVE published

April 14, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-36721 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/269.html

Related vulnerabilities

Identifiers

CVE CVE-2023-36721

CWE CWE-269

CVSS 7.0 / HIGH

Affected versions

Vendor Microsoft

Product Windows 10 Version 1809

Affected ≥ 10.0.17763.0 and < 10.0.17763.4974

Vendor Microsoft

Product Windows 10 Version 1809

Affected ≥ 10.0.0 and < 10.0.17763.4974

Vendor Microsoft

Product Windows Server 2019

Affected ≥ 10.0.17763.0 and < 10.0.17763.4974

Vendor Microsoft

Product Windows Server 2019 (Server Core installation)

Affected ≥ 10.0.17763.0 and < 10.0.17763.4974

Vendor Microsoft

Product Windows Server 2022

Affected ≥ 10.0.20348.0 and < 10.0.20348.2031

Vendor Microsoft

Product Windows 11 version 21H2

Affected ≥ 10.0.0 and < 10.0.22000.2538

Vendor Microsoft

Product Windows 10 Version 21H2

Affected ≥ 10.0.19043.0 and < 10.0.19041.3570

Vendor Microsoft

Product Windows 11 version 22H2

Affected ≥ 10.0.22621.0 and < 10.0.22621.2428

Vendor Microsoft

Product Windows 10 Version 22H2

Affected ≥ 10.0.19045.0 and < 10.0.19045.3570

CVE-2023-36721: Windows Error Reporting Service Elevation of Privilege Vulnerability

01Description

02Disclosure timeline

03References

04Related CVE