CVE-2023-36802

Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability

Basic Information

CVE State: PUBLISHED
Reserved Date: June 27, 2023
Published Date: September 12, 2023
Last Updated: February 04, 2025
Vendor: Microsoft
Product: Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2
Description: Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
Tags

CVSS Scores

CVSS v3.1

7.8 - HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2023-09-12 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2024-06-12 06:19:50 UTC) Source

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36802

Known Exploited Vulnerability Information

Source	Added Date
CISA	2023-09-12 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

ISH2YU/CVE-2023-36802

Type: github • Created: 2024-06-12 06:19:50 UTC • Stars: 1

Procedure to Recreate the Exploit for CVE-2023-36802 targeting MSKSSRV.SYS driver

x0rb3l/CVE-2023-36802-MSKSSRV-LPE

Type: github • Created: 2023-10-20 02:05:27 UTC • Stars: 35

PoC for CVE-2023-36802 Microsoft Kernel Streaming Service Proxy

4zur-0312/CVE-2023-36802

Type: github • Created: 2023-10-19 23:34:37 UTC • Stars: 14

CVE-2023-36802 ITW case

chompie1337/Windows_MSKSSRV_LPE_CVE-2023-36802

Type: github • Created: 2023-10-09 17:32:15 UTC • Stars: 161

LPE exploit for CVE-2023-36802

Timeline

CVE ID Reserved

June 27, 2023
Added to KEVIntel

September 12, 2023
CVE Published to Public

September 12, 2023
Proof of Concept Exploit Available

June 12, 2024