What is CVE-2023-36036?

CVE-2023-36036 is a high-severity elevation of privilege vulnerability in the Windows Cloud Files Mini Filter Driver, affecting Windows 10, Windows 11, and Windows Server. It impacts systems with x64, x86, and ARM64 architectures. If exploited, an attacker could gain SYSTEM privileges, posing a significant risk. Users should apply security updates to mitigate this vulnerability.

Who is impacted by CVE-2023-36036?

This vulnerability affects users of Windows 10, Windows 11, and Windows Server operating systems utilizing the Windows Cloud Files Mini Filter Driver. It poses a risk of SYSTEM privilege escalation, making it crucial for users to protect their systems.

What should I do if I’m affected?

If affected by CVE-2023-36036, take the following actions:

1. Apply the security updates provided by Microsoft.

2. Ensure systems are running the latest software versions and patches.

3. Regularly update software and operating systems.

4. Monitor systems for signs of unauthorized access or exploitation.

5. Follow best practices for securing systems and networks.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-36036 vulnerability is listed in CISA's Known Exploited Vulnerabilities Catalog. This Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability was added to the catalog on November 14, 2023, and the due date for addressing it is December 5, 2023.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-122, a heap-based buffer overflow issue affecting the Windows Cloud Files Mini Filter Driver.

Learn More

For a comprehensive understanding of its description, severity, technical details, and known affected software configurations, refer to the NVD page.

• NVD - CVE-2023-36036

• Microsoft Security Update Guide

• CISA BOD 22-01

• CISA Known Exploited Vulnerabilities Catalog