1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability

Known Exploited Vulnerabilities CVE-2023-28229 Mappings

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2023-28229 Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability primary_impact T1068 Exploitation for Privilege Escalation
Comments
This vulnerability is exploited by an adversary that has gained local access to the victim system. If successfully exploited, the adversary would gain limited SYSTEM level privileges. This vulnerability has been exploited in the wild; however, no technical information has been published related to the exploitation. Microsoft has identified that successful exploitation of this vulnerability requires an attacker to win a race condition.
References
  1. https://www.picussecurity.com/resource/blog/cisa-reveals-the-top-15-most-exploited-vulnerabilities-of-2023
  2. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28229
CVE-2023-28229 Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability exploitation_technique T1078 Valid Accounts
Comments
This vulnerability is exploited by an adversary that has gained local access to the victim system. If successfully exploited, the adversary would gain limited SYSTEM level privileges. This vulnerability has been exploited in the wild; however, no technical information has been published related to the exploitation. Microsoft has identified that successful exploitation of this vulnerability requires an attacker to win a race condition.
References
  1. https://www.picussecurity.com/resource/blog/cisa-reveals-the-top-15-most-exploited-vulnerabilities-of-2023
  2. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28229