CVE-2023-29325
Published on: Not Yet Published
Last Modified on: 07/11/2023 05:07:42 PM UTC
Certain versions of Windows 10 1507 from Microsoft contain the following vulnerability:
Windows OLE Remote Code Execution Vulnerability
- CVE-2023-29325 has been assigned by
secur[email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.5 - HIGH
| Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|---|---|---|---|
| NETWORK | HIGH | NONE | REQUIRED |
| Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
| UNCHANGED | HIGH | HIGH | HIGH |
CVE References
| Description | Tags ⓘ | Link |
|---|---|---|
| Security Update Guide - Microsoft Security Response Center | msrc.microsoft.com text/html |
MISC msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29325 |
Related QID Numbers
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Microsoft | Windows 10 1507 | All | All | All | All |
| Operating System | Microsoft | Windows 10 1607 | All | All | All | All |
| Operating System | Microsoft | Windows 10 1809 | All | All | All | All |
| Operating System | Microsoft | Windows 10 20h2 | All | All | All | All |
| Operating System | Microsoft | Windows 10 21h2 | All | All | All | All |
| Operating System | Microsoft | Windows 10 22h2 | All | All | All | All |
| Operating System | Microsoft | Windows 11 21h2 | All | All | All | All |
| Operating System | Microsoft | Windows 11 22h2 | All | All | All | All |
| Operating System | Microsoft | Windows Server 2008 | - | sp2 | All | All |
| Operating System | Microsoft | Windows Server 2008 | r2 | sp1 | All | All |
| Operating System | Microsoft | Windows Server 2012 | - | All | All | All |
| Operating System | Microsoft | Windows Server 2012 | r2 | All | All | All |
| Operating System | Microsoft | Windows Server 2016 | - | All | All | All |
| Operating System | Microsoft | Windows Server 2022 | - | All | All | All |
- cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
| Source | Title | Posted (UTC) |
|---|---|---|
 @HaifeiLi |
@wdormann sounds interesting! plan to release details? msrc.microsoft.com/update-guide/v… | 2023-05-09 17:58:20 |
| @CVEreport |
CVE-2023-29325 : #Windows OLE Remote Code Execution Vulnerability... cve.report/CVE-2023-29325 | 2023-05-09 18:14:08 |
| @wdormann |
@HaifeiLi Interestingly, Microsoft had pushed out a mitigation for CVE-2023-29325 (through a mechanism that I have… twitter.com/i/web/status/1… | 2023-05-09 18:21:06 |
 /r/k12cybersecurity |
MS-ISAC CYBERSECURITY ADVISORY - Critical Patches Issued for Microsoft Products, May 9, 2023 - PATCH: NOW | 2023-05-09 21:16:19 |
| /r/Action1 |
Microsoft issues patches for 38 flaws, including zero-day in Secure Boot via ITWire | 2023-05-10 14:11:16 |
| /r/Action1 |
ComputerWeekly Patch Tuesday overview | 2023-05-11 14:12:39 |