Windows HMAC Key Derivation Elevation of Privilege Vulnerability - CVE-2023-36400ID: oval:org.secpod.oval:def:94470 | Date: (C)2023-11-15 (M)2024-03-06 |
Class: VULNERABILITY | Family: windows |
Windows HMAC Key Derivation Elevation of Privilege Vulnerability. In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to execute code on the Hyper-V host execution environment. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.
Platform: |
Microsoft Windows 10 |
Microsoft Windows 11 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2022 |
Microsoft Windows Server |