Overview
- Description
- Windows Search Remote Code Execution Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 5.9
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Known exploits
Data from CISA
- Vulnerability name
- Microsoft Windows Search Remote Code Execution Vulnerability
- Exploit added on
- Jul 17, 2023
- Exploit action due
- Aug 29, 2023
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B6341EE-9F08-41F4-AAC9-69FCFD57AA29",
"versionEndExcluding": "10.0.10240.20107"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "27D3DBDC-310E-41F1-A2B2-F0D3B09E1C25",
"versionEndExcluding": "10.0.14393.6167"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2CAFD7E2-955E-4169-8FE4-E4883C22F128",
"versionEndExcluding": "10.0.17763.4737"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6873B3B-E106-4E56-B8EC-5D5A6EEEA5B5",
"versionEndExcluding": "10.0.19044.3324"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "45A28C82-CFCA-461C-B2E6-D21941256F82",
"versionEndExcluding": "10.0.19044.3324"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "32AAA0B2-DF17-4CFA-851E-6B31C11DD38C",
"versionEndExcluding": "10.0.22000.2295"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "478EF06F-1EF8-45B5-981F-79159BFD709F",
"versionEndExcluding": "10.0.22621.2134"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A6C6551D-670F-4EA1-84B5-70BEE90A0C46",
"versionEndExcluding": "10.0.14393.6167"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6614:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85D91B6C-B943-46C3-AA42-6A41A53F152C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "812E15CB-8BBE-47D6-9837-E3144A5F5485",
"versionEndExcluding": "10.0.17763.4737"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84379BFC-A147-497B-9B49-FBE0DBA67F4A",
"versionEndExcluding": "10.0.20348.1903"
}
],
"operator": "OR"
}
]
}
]