CVE-2023-28235

EUVD-2023-31943
Windows Lock Screen Security Feature Bypass Vulnerability
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
microsoftCNA
6.8 MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_10_1809
𝑥
< 10.0.17763.4252
microsoftwindows_10_20h2
𝑥
< 10.0.19042.2846
microsoftwindows_10_21h2
𝑥
< 10.0.19044.2846
microsoftwindows_10_22h2
𝑥
< 10.0.19045.2846
microsoftwindows_server_2019
-
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
1809 (arm64, x64, x86)
KB5025229
20H2 (arm64, x86)
KB5025221
21H2 (arm64, x64, x86)
KB5025221
22H2 (arm64, x64, x86)
KB5025221
Windows Server 2019
Server Core
KB5025229
Standard
KB5025229
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28235
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28235