Lucene search
MicrosoftCVELIST:CVE-2023-21752HistoryJan 10, 2023 - 12:00 a.m.
CVE-2023-21752 Windows Backup Service Elevation of Privilege Vulnerability
2023-01-1000:00:00
CWE-284
microsoft
www.cve.org
10
windows backup service
elevation of privilege
vulnerability
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
AI Score
7.9
Confidence
High
EPSS
0.003
Percentile
66.3%
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows 10 Version 22H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2486:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2486:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2486:*:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.19045.2486",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 11 version 22H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.1105:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.1105:*:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22621.1105",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 21H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.2486:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.2486:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.2486:*:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"32-bit Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.19044.2486",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 11 version 21H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.1455:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.1455:*:*:*:*:*:arm64:*"
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22000.1455",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 20H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.2486:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.2486:*:*:*:*:*:arm64:*"
],
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.19042.2486",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1809",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3887:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3887:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3887:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.3887",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1607",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5648:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5648:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.5648",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 7 Service Pack 1",
"cpes": [
"cpe:2.3:o:microsoft:windows_7:6.1.7601.26321:sp1:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.1.0",
"lessThan": "6.1.7601.26321",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1507",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19685:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19685:*:*:*:*:*:x86:*"
],
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.10240.19685",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 7",
"cpes": [
"cpe:2.3:o:microsoft:windows_7:6.1.7601.26321:sp1:*:*:*:*:x86:*"
],
"platforms": [
"32-bit Systems"
],
"versions": [
{
"version": "6.1.0",
"lessThan": "6.1.7601.26321",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
prion
prion
Privilege escalation
2023-01-10 22:15:00
nvd
nvd
CVE-2023-21752
2023-01-10 22:15:18
exploitdb
exploitdb
Windows 11 10.0.22000 - Backup service Privilege Escalation
2023-04-03 00:00:00
githubexploit
githubexploit
Exploit for Improper Access Control in Microsoft
2023-01-10 15:59:26
Exploit for CVE-2014-4210
2022-03-19 01:54:15
Exploit for CVE-2014-4210
2022-03-19 01:54:15
mscve
mscve
Windows Backup Service Elevation of Privilege Vulnerability
2023-01-10 08:00:00
cnvd
cnvd
zdt
zdt
Windows 11 10.0.22000 - Backup service Privilege Escalation Vulnerability
2023-04-03 00:00:00
cve
cve
CVE-2023-21752
2023-01-10 22:15:18
avleonov
avleonov
nessus
nessus
KB5022339: Windows Server 2008 R2 Security Update (January 2023)
2023-01-10 00:00:00
KB5022289: Windows 10 Version 1607 and Windows Server 2016 Security Update (January 2023)
2023-01-10 00:00:00
KB5022297: Windows 10 LTS 1507 Security Update (January 2023)
2023-01-10 00:00:00
mskb
mskb
January 10, 2023âKB5022339 (Security-only update)
2023-01-10 08:00:00
January 10, 2023âKB5022338 (Monthly Rollup)
2023-01-10 08:00:00
January 10, 2023âKB5022289 (OS Build 14393.5648)
2023-04-11 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5022338)
2023-01-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5022297)
2023-01-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5022289)
2023-01-11 00:00:00
kaspersky
kaspersky
KLA20158 Multiple vulnerabilities in Microsoft Products (ESU)
2023-01-10 00:00:00
KLA20154 Multiple vulnerabilities in Microsoft Windows
2023-01-10 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - January 2023
2023-01-10 22:32:55
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
AI Score
7.9
Confidence
High
EPSS
0.003
Percentile
66.3%
Related for CVELIST:CVE-2023-21752