Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability - CVE-2023-35387ID: oval:org.secpod.oval:def:91773 | Date: (C)2023-08-09 (M)2024-04-25 |
Class: VULNERABILITY | Family: windows |
Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability. An authorized attacker could exploit the Windows Bluetooth driver vulnerability by programmatically running certain functions that could lead to elevation of privilege on the Bluetooth component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. In order to exploit this vulnerability, the victim must pair with the attacker's Bluetooth device. An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities. Successful exploitation of this vulnerability requires that an attacker will need to first gain access to the restricted network before running an attack.
Platform: |
Microsoft Windows 10 |
Microsoft Windows 11 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |