← Back

CVE-2023-21739

nvd nist
Published: Jan 10, 2023Modified: Nov 21, 2024

JSON object

Loading...
7.0
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.0 / Impact: 5.9
Source: NVD (Secondary)

Description

Windows Bluetooth Driver Elevation of Privilege Vulnerability

Affected (17)

Microsoft
10 products
Windows 10 1507
Windows 10 1607
Windows 10 1809
Windows 10 20h2
Windows 10 21h2
Windows 10 22h2
Windows 11 21h2
Windows 11 22h2
Windows 8.1
Windows Rt 8.1
Configuration A
17 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Windows 10 1507
Before 10.0.10240.19685
Windows 10 1507
Before 10.0.10240.19685
Microsoft
Windows 10 1607
Before 10.0.14393.5648
Windows 10 1607
Before 10.0.14393.5648
Windows 10 1809
Before 10.0.17763.3887
Microsoft
Windows 10 20h2
Before 10.0.19042.2486
Windows 10 20h2
Before 10.0.19042.2486
Windows 10 21h2
Before 10.0.19044.2486
Windows 10 22h2
Before 10.0.19045.2486
Microsoft
Windows 11 21h2
Before 10.0.22000.1455
Windows 11 21h2
Before 10.0.22000.1455
Microsoft
Windows 11 22h2
Before 10.0.22621.1105
Windows 11 22h2
Before 10.0.22621.1105
Microsoft
Windows 8.1
Before 6.3.9600.20778
Windows 8.1
Before 6.3.9600.20778
Microsoft
Windows Rt 8.1
Before 6.3.9600.20778
Windows Rt 8.1
Before 6.3.9600.20778

Related CWEs

CWE-591
Sensitive Data Storage in Improperly Locked Memory
The product stores sensitive data in memory that is not locked, or that has been incorrectly locked, which might cause the memory to be written to swap files on disk by the virtual memory manager. This can make the data more accessible to external actors.

References (2)

Source: secure@microsoft.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.