CVE-2023-28229 - Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability
CVE-2023-28229
Microsoft | Windows CNG Key Isolation Service
- Date Added:
- 2023-10-04
- Due Date:
- 2023-10-25
- Vulnerability Name
Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability
- Description
Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges.
- Known To Be Used in Ransomware Campaigns?
Unknown
- Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Additional Notes
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28229; https://nvd.nist.gov/vuln/detail/CVE-2023-28229
Free security scan for your website