CVE-2023-36424

HIGH KEV

Windows Common Log File System Driver - Privilege Escalation

Title source: llm

Description

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Exploits (2)

nomisec WORKING POC 128 stars
by zerozenxlabs · remote
https://github.com/zerozenxlabs/CVE-2023-36424
inthewild WORKING POC
poc
https://github.com/nassim-asrir/cve-2023-36424

References (2)

Scores

CVSS v3 7.8
EPSS 0.0729
EPSS Percentile 91.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2026-04-13
VulnCheck KEV 2026-04-13
ENISA EUVD EUVD-2023-40389
CWE
CWE-125
Status published
Products (44)
microsoft/windows_10_1507 < 10.0.10240.20308 (2 CPE variants)
microsoft/windows_10_1607 < 10.0.14393.6452 (2 CPE variants)
microsoft/windows_10_1809 < 10.0.17763.5122 (3 CPE variants)
microsoft/windows_10_21h2 < 10.0.19041.3693
microsoft/windows_10_22h2 < 10.0.19045.3693
Microsoft/Windows 10 Version 1507 10.0.10240.0 - 10.0.10240.20308
Microsoft/Windows 10 Version 1607 10.0.14393.0 - 10.0.14393.6452
Microsoft/Windows 10 Version 1809 10.0.0 - 10.0.17763.5122
Microsoft/Windows 10 Version 1809 10.0.17763.0 - 10.0.17763.5122
Microsoft/Windows 10 Version 21H2 10.0.19043.0 - 10.0.19043.3693
... and 34 more
Published Nov 14, 2023
KEV Added Apr 13, 2026
Tracked Since Feb 18, 2026