CVE-2023-36874

HIGH KEV

Windows Error Reporting Service - Privilege Escalation

Title source: llm

Description

Windows Error Reporting Service Elevation of Privilege Vulnerability

Exploits (7)

nomisec WORKING POC 239 stars
by Wh04m1001 · local
https://github.com/Wh04m1001/CVE-2023-36874
nomisec WORKING POC 205 stars
by Octoberfest7 · local
https://github.com/Octoberfest7/CVE-2023-36874_BOF
nomisec WORKING POC 77 stars
by d0rb · poc
https://github.com/d0rb/CVE-2023-36874
nomisec WORKING POC 2 stars
by crisprss · local
https://github.com/crisprss/CVE-2023-36874
metasploit WORKING POC EXCELLENT
by Filip Dragović (Wh04m1001), Octoberfest7, bwatters-r7 · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/win_error_cve_2023_36874.rb
patchapalooza WORKING POC
by Adrien_CHAMUSSY · local
https://gitlab.com/Adrien_CHAMUSSY/cve-2023-36874

References (3)

Scores

CVSS v3 7.8
EPSS 0.7156
EPSS Percentile 98.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2023-07-11
VulnCheck KEV 2023-06-30
InTheWild.io 2023-06-30
ENISA EUVD EUVD-2023-40794
CWE
CWE-59
Status published
Products (14)
microsoft/windows_10_1507 < 10.0.10240.20048
microsoft/windows_10_1607 < 10.0.14393.6085 (2 CPE variants)
microsoft/windows_10_1809 < 10.0.17763.4645 (4 CPE variants)
microsoft/windows_10_21h2 < 10.0.19041.3208
microsoft/windows_10_22h2 < 10.0.19045.3208
microsoft/windows_11_21h2 < 10.0.22000.2176
microsoft/windows_11_22h2 < 10.0.22621.1992
microsoft/windows_server_2008
microsoft/windows_server_2008 r2 sp1
microsoft/windows_server_2012
... and 4 more
Published Jul 11, 2023
KEV Added Jul 11, 2023
Tracked Since Feb 18, 2026