NVD disclosure day
CVE-2023-36424
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A flaw in the Windows Common Log File System Driver allows for privilege escalation. This could lead to unauthorized access and modification of data, posing a significant business risk to affected organizations. The vulnerability requires local access for exploitation.
CVE-2023-36036
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in the Windows Cloud Files Mini Filter Driver allows local attackers to gain SYSTEM privileges. This could affect the confidentiality, integrity, and availability of systems and data. Organizations should identify affected systems and apply vendor-provided fixes.
CVE-2023-36033
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in the Windows Desktop Window Manager Core Library allows an attacker with local access to gain elevated privileges. This could impact system integrity and data confidentiality, posing a business risk to affected organizations.
CVE-2023-36025
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in Windows SmartScreen could allow attackers to bypass security checks, impacting multiple Windows and Windows Server versions. This could lead to unauthorized data access, modification, loss, and operational disruption. This issue is actively exploited, posing a significant business risk.