CVE-2023-28303

LOW

Microsoft Snip & Sketch < 10.2008.3001.0 - Information Disclosure

Title source: rule
STIX 2.1

Description

Windows Snipping Tool Information Disclosure Vulnerability

Exploits (1)

nomisec WORKING POC
by m31r0n · poc
https://github.com/m31r0n/SnipRecover-CLI

References (1)

Scores

CVSS v3 3.3
EPSS 0.0057
EPSS Percentile 68.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-359
Status published
Products (2)
microsoft/snip_\&_sketch 9.0 - 10.2008.3001.0
microsoft/snipping_tool 11.0.0 - 11.2302.20.0
Published Jun 13, 2023
Tracked Since Feb 18, 2026