CVE-2023-21537

HIGH

Microsoft MSMQ - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-21537. PoCs published by stevenjoezhang.

AI-analyzed exploit summary This PoC exploits a race condition in Microsoft Message Queuing (MSMQ) via IOCTL calls, leading to a denial-of-service (DoS) condition. It uses two threads to manipulate a shared buffer length, triggering the vulnerability.

Description

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

Exploits (1)

nomisec WORKING POC 1 stars
by stevenjoezhang · poc
https://github.com/stevenjoezhang/CVE-2023-21537

This PoC exploits a race condition in Microsoft Message Queuing (MSMQ) via IOCTL calls, leading to a denial-of-service (DoS) condition. It uses two threads to manipulate a shared buffer length, triggering the vulnerability.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Racy
Target: Microsoft Message Queuing (MSMQ) on Windows
No auth needed
Prerequisites: Access to a Windows system with MSMQ enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 7.8
EPSS 0.0053
EPSS Percentile 40.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-367
Status published
Products (17)
microsoft/windows_10_1607 (2 CPE variants)
microsoft/windows_10_1809 (3 CPE variants)
microsoft/windows_10_20h2 (3 CPE variants)
microsoft/windows_10_21h2 (3 CPE variants)
microsoft/windows_10_22h2 (3 CPE variants)
microsoft/windows_11_21h2
microsoft/windows_11_22h2 (2 CPE variants)
microsoft/windows_7 (2 CPE variants)
microsoft/windows_8.1 (2 CPE variants)
microsoft/windows_rt_8.1
... and 7 more
Published Jan 10, 2023
Tracked Since Feb 18, 2026