CVE-2023-23376
HIGH KEV RANSOMWARE
Windows Common Log File System Driver - Elevation of Privilege via Heap-based Buffer Overflow
Title source: llm
Exploitation Summary
CVE-2023-23376 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added February 14, 2023, with confirmed use in ransomware campaigns.
Description
Windows Common Log File System Driver Elevation of Privilege Vulnerability
References (2)
Core References
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-23376
Patch, Vendor Advisory vendor-advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23376
Scores
CVSS v3
7.8
EPSS
0.1515
EPSS Percentile
94.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2023-02-14
VulnCheck KEV
2023-02-14
InTheWild.io
2023-02-14
ENISA EUVD
EUVD-2023-27476
Ransomware Use
Confirmed
CWE
CWE-122
CWE-787
Status
published
Products (15)
microsoft/windows_10_1507
< 10.0.10240.19747
microsoft/windows_10_1607
< 10.0.14393.5717
microsoft/windows_10_1809
< 10.0.17763.4010
microsoft/windows_10_20h2
< 10.0.19042.2604
microsoft/windows_10_21h2
< 10.0.19044.2604
microsoft/windows_10_22h2
< 10.0.19045.2604
microsoft/windows_11_21h2
< 10.0.22000.1574
microsoft/windows_11_22h2
< 10.0.22621.1265
microsoft/windows_server_2008
microsoft/windows_server_2008
r2 sp1
... and 5 more
Published
Feb 14, 2023
KEV Added
Feb 14, 2023
Tracked Since
Feb 18, 2026