CVE-2023-28252

Published on: Not Yet Published

Last Modified on: 04/13/2023 01:10:00 AM UTC

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Certain versions of Windows 10 1507 from Microsoft contain the following vulnerability:

Windows Common Log File System Driver Elevation of Privilege Vulnerability

  • CVE-2023-28252 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.8 - HIGH

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVE References

Description: Security Update Guide - Microsoft Security Response Center (msrc.microsoft.com, text/html)
Tags: Patch, Vendor Advisory
Link: MISC msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28252

Related QID Numbers

  • 92003 Microsoft Windows Security Update for April 2023
  • 92005 Microsoft Azure Stack Hub Security Update for April 2023

Known Affected Configurations (CPE V2.3)

Type | Vendor | Product | Version | Update | Edition | Language
Operating System | Microsoft | Windows 10 1507 | All | All | All | All
Operating System | Microsoft | Windows 10 1607 | All | All | All | All
Operating System | Microsoft | Windows 10 1809 | All | All | All | All
Operating System | Microsoft | Windows 10 20h2 | All | All | All | All
Operating System | Microsoft | Windows 10 21h2 | All | All | All | All
Operating System | Microsoft | Windows 10 22h2 | All | All | All | All
Operating System | Microsoft | Windows 11 21h2 | All | All | All | All
Operating System | Microsoft | Windows 11 22h2 | All | All | All | All
Operating System | Microsoft | Windows Server 2008 | - | sp2 | All | All
Operating System | Microsoft | Windows Server 2008 | r2 | sp1 | All | All
Operating System | Microsoft | Windows Server 2012 | - | All | All | All
Operating System | Microsoft | Windows Server 2012 | r2 | All | All | All
Operating System | Microsoft | Windows Server 2016 | - | All | All | All
Operating System | Microsoft | Windows Server 2019 | - | All | All | All
Operating System | Microsoft | Windows Server 2022 | - | All | All | All

  • cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
  • cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*

Social Mentions

Source Title Posted (UTC)
Twitter @ComputerPunks #CVE Windows Common Log File System Driver Elevation of Privilege Vulnerability msrc.microsoft.com/update-guide/v… 2023-04-11 16:55:06
Twitter @KevTheHermit Another #patchtuesday rolls around again and looks like one actively exploited in the wild. CVE-2023-28252 Priv esc… twitter.com/i/web/status/1… 2023-04-11 17:08:50
Twitter @akamai_research CVE-2023-28252 (which was reported to have been observed in-the-wild) is a vulnerability in Windows’s Common Log Fi… twitter.com/i/web/status/1… 2023-04-11 17:22:09
Twitter @oct0xor We found a new zero-day (CVE-2023-28252) in Microsoft Windows used in Nokoyawa ransomware attacks securelist.com/nokoyawa-ranso… 2023-04-11 17:47:41
Twitter @jeffespo #PatchTuesday CVE-2023-28252 Nokoyawa #ransomware attacks with #Windows zero-day securelist.com/nokoyawa-ranso… #0Day via @oct0xor 2023-04-11 17:53:16
Twitter @KEV_bot_1 CVE-2023-28252 - Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability has been… twitter.com/i/web/status/1… 2023-04-11 18:11:52
Twitter @CISACyber ❗ #CVE-2023-28252 has also been added to the Known Exploited Vulnerabilities Catalog. More at… twitter.com/i/web/status/1… 2023-04-11 18:21:15
Twitter @the_yellow_fall Microsoft's April 2023 Patch Tuesday fixes exploited zero-day CVE-2023-28252 vulnerability securityonline.info/microsofts-apr… twitter.com/i/web/status/1… 2023-04-11 18:21:48
Twitter @AcooEdi Microsoft’s April 2023 Patch Tuesday fixes exploited zero-day CVE-2023-28252 vulnerability dlvr.it/SmKfgv twitter.com/i/web/status/1… 2023-04-11 18:22:33
Twitter @UK_Daniel_Card CVE-2023-28252 ELOP ??? 2023-04-11 18:39:33
Twitter @the_yellow_fall Hackers exploit CVE-2023-28252 0-day to deploy the Nokoyawa ransomware securityonline.info/hackers-exploi… #opensource #infosec #security #pentesting 2023-04-11 18:41:06
Twitter @AcooEdi Hackers exploit CVE-2023-28252 0-day to deploy the Nokoyawa ransomware dlvr.it/SmKjYP via securityonline https://t.co/TjDSstN3oN 2023-04-11 18:43:33
Twitter @ipssignatures The vuln CVE-2023-28252 has a tweet created 0 days ago and retweeted 27 times. twitter.com/oct0xor/status… #pow1rtrtwwcve 2023-04-11 20:06:00
Twitter @CyberIQs_ Microsoft patches zero-day exploited by attackers (CVE-2023-28252) #infosec #infosecurity #cybersecurity… twitter.com/i/web/status/1… 2023-04-11 20:09:55
Twitter @Cybernozcom Microsoft patches zero-day exploited by attackers (CVE-2023-28252) cybernoz.com/microsoft-patc… #cybersecurity… twitter.com/i/web/status/1… 2023-04-11 20:12:53
Twitter @Dinosn Hackers exploit CVE-2023-28252 0-day to deploy the Nokoyawa ransomware securityonline.info/hackers-exploi… 2023-04-11 20:13:01
Twitter @BleepinComputer The CVE-2023-28252 zero-day fixed by Microsoft today was used in Nokoyawa ransomware attacks. twitter.com/BleepinCompute… 2023-04-11 20:17:58
Twitter @CyberIQs_ Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252) #infosec #infosecurity #cybersecurity… twitter.com/i/web/status/1… 2023-04-11 20:18:56
Twitter @Komodosec #CyberSecurity #Malware Hackers exploit CVE-2023-28252 0-day to deploy the Nokoyawa ransomware securityonline.info/hackers-exploi… 2023-04-11 20:20:02
Twitter @cybersecureny BleepinComputer: The CVE-2023-28252 zero-day fixed by Microsoft today was used in Nokoyawa ransomware attacks.… twitter.com/i/web/status/1… 2023-04-11 20:21:25
Twitter @CVEreport CVE-2023-28252 : #Windows Common Log File System Driver Elevation of Privilege Vulnerability... cve.report/CVE-2023-28252 2023-04-11 20:26:08
Twitter @cipherstorm Microsoft patches zero-day exploited by attackers (CVE-2023-28252): It’s April 2023 Patch Tuesday, and Microsoft ha… twitter.com/i/web/status/1… 2023-04-11 20:27:09
Twitter @joviannfeed Help Net Security | "Microsoft patches zero-day exploited by attackers (CVE-2023-28252)" bit.ly/3GyXSdL 2023-04-11 20:28:24
Twitter @SK_Expert Microsoft patches zero-day exploited by attackers (CVE-2023-28252) ift.tt/8d7NlZy #cyber #awareness… twitter.com/i/web/status/1… 2023-04-11 20:35:36
Twitter @IT_securitynews Microsoft patches zero-day exploited by attackers (CVE-2023-28252) itsecuritynews.info/microsoft-patc… 2023-04-11 20:35:39
Twitter @dansantanna Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252) ow.ly/SB2r104CyS8 2023-04-11 21:13:05
Twitter @Sec_Cyber #Microsoft patches #zeroday #exploited by attackers (CVE-2023-28252) securecybersolution.com/microsoft-patc… 2023-04-11 21:13:07
Twitter @SecurityNewsbot #Microsoft patches zero-day exploited by attackers (CVE-2023-28252) helpnetsecurity.com/2023/04/11/cve… #HelpNetSecurity 2023-04-11 21:30:10
Twitter @jgreigj @CISAgov added three bugs — CVE-2023-28205, CVE-2023-28206 and CVE-2023-28252 — to its catalog of known exploited… twitter.com/i/web/status/1… 2023-04-11 21:31:08
Twitter @__kokumoto The U.S. Cybersecurity and Infrastructure Security Agency added the privilege escalation vulnerability in the Windows CLFS driver (CVE-2023-28252) to its Known Exploited Vulnerabilities Catalog. Remediation deadline: 5/2. cisa.gov/news-events/al… 2023-04-11 21:43:00
Twitter @__kokumoto Microsoft's April 2023 regular update fixed 97 flaws, including one zero-day vulnerability. The zero-day is a privilege escalation in the Windows CLFS driver (CVE-2023-28252). Under the company's classification, a zero-day vulnerability is, fix… twitter.com/i/web/status/1… 2023-04-11 21:48:20
Twitter @tukanana Monthly Windows update, includes one 0-day (CVE-2023-28252). There are reports that this 0day was used in ransomware. bleepingcomputer.com/news/microsoft… 2023-04-11 21:57:17
Twitter @tukanana Nokoyawa ransomware using CVE-2023-28252. securelist.com/nokoyawa-ranso… 2023-04-11 21:59:03
Twitter @chartartScanner Microsoft patches zero-day exploited by attackers (CVE-2023-28252) Microsoft releases fixes for 97 vulnerabilities… twitter.com/i/web/status/1… 2023-04-11 22:34:51
Twitter @ipssignatures The vuln CVE-2023-28252 has a tweet created 0 days ago and retweeted 13 times. twitter.com/Dinosn/status/… #pow1rtrtwwcve 2023-04-12 00:06:01
Twitter @ka0com Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252) tenable.com/blog/microsoft… 2023-04-12 00:43:28
Twitter @ka0com Microsoft patches zero-day exploited by attackers (CVE-2023-28252) helpnetsecurity.com/2023/04/11/cve… 2023-04-12 00:43:28
Twitter @ohhara_shiojiri CVE-2023-28252 Windows Common Log File System Driver Elevation of Privilege Vulnerability > ? Security Update Guide - Loading - Microsoft msrc.microsoft.com/update-guide/v… 2023-04-12 01:11:15
Twitter @1ZRR4H CVE-2023-28252 LPE 0-day used to deploy #Nokoyawa ransomware. POC Exploit: github.com/chompie1337/Wi… twitter.com/oct0xor/status… 2023-04-12 01:33:51
Twitter @__kokumoto A Windows zero-day vulnerability is being exploited in ransomware attacks, Kaspersky reports. The CLFS privilege escalation vulnerability (CVE-2023-28252) has been confirmed exploited since February against small and medium-sized businesses in the Middle East and North America, and Nokoyawa ransomwa… twitter.com/i/web/status/1… 2023-04-12 01:42:08
Twitter @IT_news_for_all / Windows Common Log File System Driver Elevation of Privilege Vulnerability msrc.microsoft.com/update-guide/v…... t.me/s/it_news_for_… 2023-04-12 01:46:17
Twitter @kawn2020 #windowsupdate #microsoft Confirmed exploited: 1 item ・CVE-2023-28252 Windows Common Log File System Driver Elevation of Privilege Vulnerability (not publicly disclosed) 2023-04-12 01:49:54
Reddit /r/crowdstrike 2023-04-13 // SITUATIONAL AWARENESS // CVE-2023-28252 CLFS Zero Day In the Wild; Patch Available 2023-04-13 13:53:10