CVE-2023-21746

HIGH EXPLOITED

Windows NTLM - Privilege Escalation

Title source: llm

Description

Windows NTLM Elevation of Privilege Vulnerability

Exploits (4)

nomisec WORKING POC 3 stars

by Muhammad-Ali007 · local

https://github.com/Muhammad-Ali007/LocalPotato_CVE-2023-21746

View Code ZIP pw:eip

nomisec WORKING POC

by TailoredSecOps · poc

https://github.com/TailoredSecOps/PEREDBOEMPATAT-BOF

View Code ZIP pw:eip

github WORKING POC

by velikrgl · cpoc

https://github.com/velikrgl/CVE-Exploits/tree/main/CVE-2023-21746

View Code ZIP pw:eip

patchapalooza WORKING POC

by decoder-it · local

https://github.com/decoder-it/LocalPotato

View Code ZIP pw:eip

References (1)

[Vendor Advisory] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21746

Scores

CVSS v3 7.8

EPSS 0.5374

EPSS Percentile 98.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2023-09-18

Status published

Products (18)

microsoft/windows_10

microsoft/windows_10 20h2

microsoft/windows_10 21h2

microsoft/windows_10 22h2

microsoft/windows_10 1607

microsoft/windows_10 1809

microsoft/windows_11 (2 CPE variants)

microsoft/windows_11 21h2 (2 CPE variants)

microsoft/windows_11 22h2 (2 CPE variants)

microsoft/windows_7

... and 8 more

Published Jan 10, 2023

Tracked Since Feb 18, 2026