Changeflow GovPing Data Privacy & Cybersecurity Windows Common Log File System Driver Elevation...
Priority review Notice Added Final

Windows Common Log File System Driver Elevation of Privilege Vulnerability CVE-2023-36424

Favicon for www.cisa.gov CISA Known Exploited Vulnerabilities (KEV)
Published
Detected
Email

Summary

CISA has added CVE-2023-36424 to its Known Exploited Vulnerabilities catalog. The vulnerability is a Windows Common Log File System Driver elevation of privilege flaw with a CVSS 3.1 score of 7.8 (HIGH). It affects numerous Windows versions including Windows 10, 11, Server 2019-2022, and legacy systems. CISA has determined this vulnerability has been actively exploited in the wild, triggering remediation requirements for federal agencies under Binding Operational Directive 22-01.

View original document View source feed page

What changed

CISA added CVE-2023-36424 to its Known Exploited Vulnerabilities catalog. The vulnerability is a Windows Common Log File System Driver elevation of privilege flaw that allows an authenticated user to gain SYSTEM-level privileges. With a CVSS 3.1 score of 7.8 (HIGH), it affects multiple Windows versions from Windows 8.1 through Windows 11 and Windows Server 2019-2022.

Organizations running affected Windows systems should treat this as urgent priority given CISA's determination of active exploitation. Federal agencies face mandatory remediation timelines under BOD 22-01. Private organizations should immediately review their asset inventories for affected versions and deploy Microsoft security updates. The vulnerability stems from an out-of-bounds read (CWE-125).

What to do next

  1. Review CVE-2023-36424 details on the CVE Program website
  2. Apply Microsoft security updates to affected Windows systems
  3. Prioritize patching based on CISA KEV remediation timelines

Archived snapshot

Apr 14, 2026

GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.

Required CVE Record Information

CNA: Microsoft Corporation

Description

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CWE 1 Total

Learn more
- CWE-125: CWE-125: Out-of-bounds Read

CVSS 1 Total

Learn more
| Score | Severity | Version | Vector String |
| --- | --- | --- | --- |
| 7.8 | HIGH | 3.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |

Product Status

Learn more Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.22631.0 before 10.0.22631.2715 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.25398.0 before 10.0.25398.531 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.22631.0 before 10.0.22631.2715 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.17763.0 before 10.0.17763.5122 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.0 before 10.0.17763.5122 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.17763.0 before 10.0.17763.5122 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.17763.0 before 10.0.17763.5122 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.20348.0 before 10.0.20348.2113 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.0 before 10.0.22000.2600 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.19043.0 before 10.0.19043.3693 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.22621.0 before 10.0.22621.2715 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.19045.0 before 10.0.19045.3693 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.10240.0 before 10.0.10240.20308 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.14393.0 before 10.0.14393.6452 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.14393.0 before 10.0.14393.6452 Versions 1 Total

Default Status: unknown

affected

  • affected from 10.0.14393.0 before 10.0.14393.6452 Versions 1 Total

Default Status: unknown

affected

  • affected from 6.0.6003.0 before 6.0.6003.22367 Versions 1 Total

Default Status: unknown

affected

  • affected from 6.0.6003.0 before 6.0.6003.22367 Versions 1 Total

Default Status: unknown

affected

  • affected from 6.0.6003.0 before 6.0.6003.22367 Versions 1 Total

Default Status: unknown

affected

  • affected from 6.1.7601.0 before 6.1.7601.26816 Versions 1 Total

Default Status: unknown

affected

  • affected from 6.1.7601.0 before 6.1.7601.26816 Versions 1 Total

Default Status: unknown

affected

  • affected from 6.2.9200.0 before 6.2.9200.24569 Versions 1 Total

Default Status: unknown

affected

  • affected from 6.2.9200.0 before 6.2.9200.24569 Versions 1 Total

Default Status: unknown

affected

  • affected from 6.3.9600.0 before 6.3.9600.21668 Versions 1 Total

Default Status: unknown

affected

  • affected from 6.3.9600.0 before 6.3.9600.21668

References 1 Total

CVE Program

Updated:

2024-08-02

This container includes required additional information provided by the CVE Program for this vulnerability.

References 1 Total

Authorized Data Publishers

Learn more

CISA-ADP

Updated:

2026-04-14

SSVC and KEV, plus CVSS and CWE if not provided by the CNA.

SSVC 1 Total

Learn more
| Exploitation | Automatable | Technical Impact | Version | Date Accessed |
| --- | --- | --- | --- | --- |
| active | no | total | 2.0.3 | 2023-11-13 |

KEV 1 Total

Learn more
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-36424 (2026-04-13)

Related changes

Favicon for www.cisa.gov Microsoft Windows Host Process for Windows Tasks Privilege Escalation Vulnerability CVE-2025-60710
Priority review Apr 14, 2026 CISA Known Exploited Vulnerabilities (KEV) Data Privacy & Cybersecurity
Favicon for www.cisa.gov CVE-2023-21529: Microsoft Exchange Server RCE Vulnerability Added to Known Exploited Vulnerabilities Catalog
Priority review Apr 14, 2026 CISA Known Exploited Vulnerabilities (KEV) Data Privacy & Cybersecurity
Favicon for www.cisa.gov CVE-2009-0238: Microsoft Excel Remote Code Execution Vulnerability
Priority review Apr 15, 2026 CISA Known Exploited Vulnerabilities (KEV) Data Privacy & Cybersecurity

Get daily alerts for CISA Known Exploited Vulnerabilities (KEV)

Daily digest delivered to your inbox.

Free. Unsubscribe anytime.

Source

Favicon for www.cisa.gov
CISA Known Exploited Vulnerabilities (KEV) cisa.gov/known-exploited-vulnerabilities-catalog
Data Privacy & Cybersecurity

About this page

What is GovPing?

Every important government, regulator, and court update from around the world. One place. Real-time. Free. Our mission

What's from the agency?

Source document text, dates, docket IDs, and authority are extracted directly from CISA.

What's AI-generated?

The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.

Last updated

Press inquiries →

Classification

Agency
CISA
Published
August 2nd, 2024
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Substantive
Document ID
CVE-2023-36424

Who this affects

Applies to
Technology companies Government agencies Manufacturers
Industry sector
5112 Software & Technology
Activity scope
Vulnerability remediation Patch management System hardening
Geographic scope
United States US

Taxonomy

Primary area
Cybersecurity
Operational domain
IT Security
Compliance frameworks
NIST CSF
Topics
Data Privacy Information Security

Browse Categories

Agriculture & Food Safety 64 AI Regulation 3 Banking & Finance 292 Consumer Protection 46 Courts & Legal 361 Data Privacy & Cybersecurity 76 Defense & National Security 51 Education 21 Energy 100 Environment 86 Environmental & Energy 4 Environmental Regulation 7 Financial Regulation 2 Government & Legislation 279 Government Operations 3 Healthcare 136 Healthcare & Life Sciences 3 Housing 16 Immigration 8 Immigration & Border Control 1 Insurance 58 Labor & Employment 113 Legal & Judicial 7 Pharma & Drug Safety 104 Public Health 2 Real Estate & Housing 2 Sanctions & Export Controls 1 Securities & Markets 103 Securities Regulation 6 Tax 65 Telecom & Technology 47 Trade & Commerce 2 Trade & Sanctions 135 Transportation 58

Get alerts for this source

We'll email you when CISA Known Exploited Vulnerabilities (KEV) publishes new changes.

Free. Unsubscribe anytime.

You're subscribed!