CVE-2023-36424— Windows Common Log File System Driver Elevation of Privilege Vulnerability
In-the-Wild Activity Observed cisa_kev · confirmed
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-36424
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨界内存读
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Windows Common Log File System Driver 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Windows Common Log File System Driver是美国微软(Microsoft)公司的通用日志文件系统 (CLFS) API 提供了一个高性能、通用的日志文件子系统,专用客户端应用程序可以使用该子系统并且多个客户端可以共享以优化日志访问。 Microsoft Windows Common Log File System Driver存在安全漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响:Windows 11 Version 23H2 for ARM
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
II. Public POCs for CVE-2023-36424
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation | https://github.com/Nassim-Asrir/CVE-2023-36424 | POC Details |
| 2 | Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation | https://github.com/zerozenxlabs/CVE-2023-36424 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-36424
请登录查看更多情报信息。
Same Patch Batch · Microsoft · 2023-11-14 · 57 CVEs total
| CVE-2023-36397 | 9.8 CRITICAL | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| CVE-2023-36028 | 9.8 CRITICAL | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulner |
| CVE-2023-36400 | 8.8 HIGH | Windows HMAC Key Derivation Elevation of Privilege Vulnerability |
| CVE-2023-36402 | 8.8 HIGH | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-36560 | 8.8 HIGH | ASP.NET Security Feature Bypass Vulnerability |
| CVE-2023-36423 | 8.8 HIGH | Microsoft Remote Registry Service Remote Code Execution Vulnerability |
| CVE-2023-36437 | 8.8 HIGH | Azure DevOps Server Remote Code Execution Vulnerability |
| CVE-2023-36025 | 8.8 HIGH | Windows SmartScreen Security Feature Bypass Vulnerability |
| CVE-2023-36017 | 8.8 HIGH | Windows Scripting Engine Memory Corruption Vulnerability |
| CVE-2023-38151 | 8.8 HIGH | Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability |
| CVE-2023-36052 | 8.6 HIGH | Azure CLI REST Command Information Disclosure Vulnerability |
| CVE-2023-36038 | 8.2 HIGH | ASP.NET Core Denial of Service Vulnerability |
| CVE-2023-36050 | 8.0 HIGH | Microsoft Exchange Server Spoofing Vulnerability |
| CVE-2023-36039 | 8.0 HIGH | Microsoft Exchange Server Spoofing Vulnerability |
| CVE-2023-36021 | 8.0 HIGH | Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability |
| CVE-2023-36439 | 8.0 HIGH | Microsoft Exchange Server Remote Code Execution Vulnerability |
| CVE-2023-36035 | 8.0 HIGH | Microsoft Exchange Server Spoofing Vulnerability |
| CVE-2023-36425 | 8.0 HIGH | Windows Distributed File System (DFS) Remote Code Execution Vulnerability |
| CVE-2023-36393 | 7.8 HIGH | Windows User Interface Application Core Remote Code Execution Vulnerability |
| CVE-2023-36036 | 7.8 HIGH | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Showing top 20 of 57 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Windows 11 version 22H3
- CVE-2026-40402
Windows Hyper-V Elevation of Privilege Vulnerability - CVE-2026-41096
Windows DNS Client Remote Code Execution Vulnerability - CVE-2026-32076
Windows Storage Spaces Controller Elevation of Privilege Vul - CVE-2026-33096
HTTP.sys Denial of Service Vulnerability - CVE-2026-32152
Desktop Window Manager Elevation of Privilege Vulnerability
Same vendor: Microsoft
- CVE-2026-42822
Azure Local Disconnected Operations (ALDO) Elevation of Priv - CVE-2026-45495
Microsoft Edge (Chromium-based) Remote Code Execution Vulner - CVE-2026-45494
Microsoft Edge (Chromium-based) Spoofing Vulnerability - CVE-2026-45492
Microsoft Edge (Chromium-based) Security Feature Bypass Vuln - CVE-2026-46383
Microsoft APM: Windows absolute-path tar member overwrite du
V. Comments for CVE-2023-36424
No comments yet