Skip to main content

CVE-2023-36884

Description

Windows Search Remote Code Execution Vulnerability

NVD
Severity: HIGH
CVE ID: CVE-2023-36884
CVSS Score: 8.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Microsoft Corporation
Severity: HIGH
CVE ID: CVE-2023-36884
CVSS Score: 7.5
CVSS Metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Refrence: NVDMITRE

Proof Of Concept

Maxwitat

The remediation script should set the reg entries described in https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 . The detection script checks if they exist. Provided AS-IS without any warrenty.

Refrence: GitHub

deepinstinct

Recent Campaign abusing CVE-2023-36884

Refrence: GitHub

zerosorai

This is an emergency solution while Microsoft addresses the vulnerability.

Refrence: GitHub

tarraschk

Script to check for CVE-2023-36884 hardening

Refrence: GitHub

or2me

CVE-2023-36884 临时补丁

Refrence: GitHub

ToddMaxey

PowerShell Script for initial mitigation of vulnerability

Refrence: GitHub

ridsoliveira

Refrence: GitHub

raresteak

#comeonits2023 #ie9 #Storm-0978

Refrence: GitHub

jakabakos

MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit

Refrence: GitHub

Last updated on by Vulnerability_bot_v1.3.8