Exploitation Summary
CVE-2023-29324 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including OLeDouxEt.
AI-analyzed exploit summary This PowerShell script checks for the presence of patches related to CVE-2023-29324 and attempts to download and install them if missing. It does not exploit the vulnerability but rather remediates it.
Description
Windows MSHTML Platform Security Feature Bypass Vulnerability
Exploits (1)
nomisec
SCANNER
2 stars
by OLeDouxEt · poc
https://github.com/OLeDouxEt/CVE-2023-29324_Patch_Deploy
This PowerShell script checks for the presence of patches related to CVE-2023-29324 and attempts to download and install them if missing. It does not exploit the vulnerability but rather remediates it.
Classification
Scanner 95%
Attack Type
Other
Complexity
Moderate
Reliability
Reliable
Target:
Windows 10 and 11 (various builds)
Auth required
Prerequisites:
Administrative privileges · Network access to download patches
MITRE ATT&CK
mistral-large-3 · analyzed Feb 19, 2026
Full analysis →
References (1)
Core 1
Core References
Patch, Vendor Advisory vendor-advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29324
Scores
CVSS v3
6.5
EPSS
0.0284
EPSS Percentile
85.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Details
VulnCheck KEV
2024-01-30
CWE
CWE-73
Status
published
Products (14)
microsoft/windows_10_1507
< 10.0.10240.19926
microsoft/windows_10_1607
< 10.0.14393.5921
microsoft/windows_10_1809
< 10.0.17763.4377
microsoft/windows_10_20h2
< 10.0.19042.2965
microsoft/windows_10_21h2
< 10.0.19044.2965
microsoft/windows_10_22h2
< 10.0.19045.2965
microsoft/windows_11_21h2
< 10.0.22000.1936
microsoft/windows_11_22h2
< 10.0.22000.1702
microsoft/windows_server_2008
microsoft/windows_server_2008
r2 sp1
... and 4 more
Published
May 09, 2023
Tracked Since
Feb 18, 2026