CVE-2023-36914

EUVD-2023-40834
Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
microsoftCNA
5.5 MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_10_21h2
10.0.19044.3324
microsoftwindows_10_21h2
10.0.19044.3324
microsoftwindows_10_21h2
10.0.19044.3324
microsoftwindows_10_22h2
10.0.19045.3324
microsoftwindows_10_22h2
10.0.19045.3324
microsoftwindows_10_22h2
10.0.19045.3324
microsoftwindows_11_21h2
10.0.22000.2295
microsoftwindows_11_21h2
10.0.22000.2295
microsoftwindows_11_22h2
10.0.22621.2134
microsoftwindows_11_22h2
10.0.22621.2134
microsoftwindows_server_2022
-
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
21H2 (arm64, x64, x86)
KB5029244
22H2 (arm64, x64, x86)
KB5029244
Windows 11
21H2 (arm64, x64)
KB5029253
22H2 (arm64, x64)
KB5029263
Windows Server 2022
Server Core
KB5029367
Standard
KB5029367
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36914
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36914