Vulnerability Report

CVE-2023-36025

CISA KEV Active

Title: Microsoft Windows 10 22H2

Other

Proof Of Concept

PoC Available for CVE-2023-36025

CWE Category NVD-CWE-noinfo
Published Date Nov 14, 2023
Modified Date Oct 28, 2025
Exploit Status Available
Score 8.8 CVSS v3.1
Exploit Probability (EPSS)
88.20%

Vulnerability Summary

CVE-2023-36025: Windows SmartScreen Security Feature Bypass Vulnerability

Impacted Vendors

M
microsoft 13

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36025 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36025 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-36025
CVSS v3.1
Source Entity [email protected]
Severity HIGH
8.8
Attack Vector
NETWORK
Complexity
LOW
Privileges
N/A
Interaction
REQUIRED
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS v3.1
Source Entity [email protected]
Severity HIGH
8.8
Attack Vector
NETWORK
Complexity
LOW
Privileges
N/A
Interaction
REQUIRED
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2023-36025 Exploits & PoCs (Proof Of Concept)

GitHub https://github.com/ka7ana/CVE-2023-36025
View Code
GitHub https://github.com/J466Y/test_CVE-2023-36025
View Code
GitHub https://github.com/coolman6942o/-EXPLOIT-CVE-2023-36025
View Code
MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector NETWORK
Complexity LOW
Privileges N/A
Interaction REQUIRED
CVSS Vector String CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Stack

No specific products linked.