Lucene search
HistorySep 12, 2023 - 5:15 p.m.
CVE-2023-38146
cve-2023-38146
windows
themes
remote code execution
vulnerability
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.905 High
EPSS
Percentile
98.8%
Windows Themes Remote Code Execution Vulnerability
Affected configurations
Node
microsoftwindows_11_21h2Range10.0.0β10.0.22000.2416
ORmicrosoftwindows_11_22h2Range10.0.0β10.0.22621.2283
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_11_21h2 | * | cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:* |
| microsoft | windows_11_22h2 | * | cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows 11 version 21H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2416:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2416:*:*:*:*:*:arm64:*"
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22000.2416",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 11 version 22H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2283:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2283:*:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22621.2283",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2023-38146 Windows Themes Remote Code Execution Vulnerability
2023-09-12 16:58:21
packetstorm
packetstorm
Themebleed Windows 11 Themes Arbitrary Code Execution
2024-01-05 00:00:00
mscve
mscve
Windows Themes Remote Code Execution Vulnerability
2023-09-12 07:00:00
zdt
zdt
Themebleed Windows 11 Themes Arbitrary Code Execution Exploit
2024-01-08 00:00:00
metasploit
metasploit
Themebleed- Windows 11 Themes Arbitrary Code Execution CVE-2023-38146
2023-12-12 16:09:13
nvd
nvd
CVE-2023-38146
2023-09-12 17:15:17
githubexploit
githubexploit
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft
2023-10-13 15:33:42
malwarebytes
malwarebytes
ThemeBleed exploit is another reason to patch Windows quickly
2023-09-18 03:00:00
prion
prion
Remote code execution
2023-09-12 17:15:00
hivepro
hivepro
βThemeBleedβ flaw in Windows 11 Enables Code Execution
2023-09-18 07:09:12
nessus
nessus
KB5030219: Windows 11 version 22H2 Security Update (September 2023)
2023-09-12 00:00:00
KB5030217: Windows 11 version 21H2 Security Update (September 2023)
2023-09-12 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5030219)
2023-09-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5030217)
2023-09-13 00:00:00
mskb
mskb
September 12, 2023βKB5030219 (OS Build 22621.2283)
2023-09-12 07:00:00
September 12, 2023βKB5030217 (OS Build 22000.2416)
2023-09-12 07:00:00
avleonov
avleonov
kaspersky
kaspersky
KLA60566 Multiple vulnerabilities in Microsoft Windows
2023-09-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - September 2023
2023-09-12 22:55:55
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.905 High
EPSS
Percentile
98.8%
Related for CVE-2023-38146