CVE-2023-29324

MEDIUM EXPLOITED

Windows MSHTML < - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2023-29324 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including OLeDouxEt.

AI-analyzed exploit summary This PowerShell script checks for the presence of patches related to CVE-2023-29324 and attempts to download and install them if missing. It does not exploit the vulnerability but rather remediates it.

Description

Windows MSHTML Platform Security Feature Bypass Vulnerability

Exploits (1)

nomisec SCANNER 2 stars
by OLeDouxEt · poc
https://github.com/OLeDouxEt/CVE-2023-29324_Patch_Deploy

This PowerShell script checks for the presence of patches related to CVE-2023-29324 and attempts to download and install them if missing. It does not exploit the vulnerability but rather remediates it.

Classification
Scanner 95%
Attack Type
Other
Complexity
Moderate
Reliability
Reliable
Target: Windows 10 and 11 (various builds)
Auth required
Prerequisites: Administrative privileges · Network access to download patches
mistral-large-3 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 6.5
EPSS 0.0284
EPSS Percentile 85.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Details

VulnCheck KEV 2024-01-30
CWE
CWE-73
Status published
Products (14)
microsoft/windows_10_1507 < 10.0.10240.19926
microsoft/windows_10_1607 < 10.0.14393.5921
microsoft/windows_10_1809 < 10.0.17763.4377
microsoft/windows_10_20h2 < 10.0.19042.2965
microsoft/windows_10_21h2 < 10.0.19044.2965
microsoft/windows_10_22h2 < 10.0.19045.2965
microsoft/windows_11_21h2 < 10.0.22000.1936
microsoft/windows_11_22h2 < 10.0.22000.1702
microsoft/windows_server_2008
microsoft/windows_server_2008 r2 sp1
... and 4 more
Published May 09, 2023
Tracked Since Feb 18, 2026