CVE-2023-28226

Published Apr 11, 2023

Last updated 3 months ago

CVSS medium 5.3

Overview

Description: Windows Enroll Engine Security Feature Bypass Vulnerability
Source: secure@microsoft.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Secondary
Base score: 5.3
Impact score: 3.6
Exploitability score: 1.6
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

secure@microsoft.com: CWE-347
nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7AA917B-149D-4462-85A6-E1E8D4AF7836",
            "versionEndExcluding": "10.0.10240.19869"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3845BA8-1885-4B32-A069-9CD95E9895A6",
            "versionEndExcluding": "10.0.14393.5850"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC646C31-F80E-4BED-B15F-671250530066",
            "versionEndExcluding": "10.0.17763.4252"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77610DFA-2CAF-4B06-AAA8-2387233A35FA",
            "versionEndExcluding": "10.0.19042.2846"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28B6B095-4CE2-4612-A977-072C464D7157",
            "versionEndExcluding": "10.0.19044.2846"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8D3C91C-C19E-49D4-91DC-6C59086DE344",
            "versionEndExcluding": "10.0.19045.2846"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "672CF584-309F-4F28-9E3A-545C0138F5EA",
            "versionEndExcluding": "10.0.22000.1817"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F47239E8-AEB6-4E79-91DB-51238D4368B2",
            "versionEndExcluding": "10.0.22621.1555"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References